PT-2005-2575 · Fusion · Fusion Sbx

Published: 2005-05-16 · Updated: 2024-02-14 · CVE-2005-1596

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Fusion SBX versions 1.2 and earlier

Description: index.php uses PHP's extract function improperly, which allows remote attackers to bypass authentication by setting the is_logged parameter or to execute arbitrary code via the maxname2 parameter.

Recommendations: For Fusion SBX versions 1.2 and earlier, consider disabling the vulnerable index.php file or restricting access to it until a proper fix is applied, and avoid using the maxname2 parameter in the affected endpoint. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
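
The class of bug named in the description, as an added PHP illustration (not Fusion SBX source and not part of the advisory): extract() run over request parameters replaces variables the script has already set, shown next to a form that reads only allowlisted keys. Only the names is_logged and maxname2 come from the advisory; their types, default values, the `name` field and the function names are assumptions.

```php
<?php
// Added illustration, not Fusion SBX code. Only the parameter names
// is_logged and maxname2 come from the advisory; everything else is assumed.

// Constructed sample input standing in for $_REQUEST.
$request = ['is_logged' => '1', 'maxname2' => '999', 'name' => 'guest'];

// Weak form: extract() defaults to EXTR_OVERWRITE, so any request key
// replaces a same-named variable that the script set before the call.
function handle_weak(array $request): array
{
    $is_logged = false; // server-side authentication state
    $maxname2  = 20;    // hypothetical internal value the script trusts later
    extract($request);  // both variables now hold client-supplied values
    return ['is_logged' => $is_logged, 'maxname2' => $maxname2];
}

// Hardened form: no extract(). Authentication state comes only from the
// server-side session, internal values are never read from the request,
// and request data is limited to an explicit allowlist of keys.
function handle_hardened(array $request, array $session): array
{
    $is_logged = ($session['is_logged'] ?? false) === true;
    $maxname2  = 20;

    $allowed = ['name' => true];
    $input   = array_intersect_key($request, $allowed);
    $name    = is_string($input['name'] ?? null) ? $input['name'] : '';

    return ['is_logged' => $is_logged, 'maxname2' => $maxname2, 'name' => $name];
}

// Where extract() cannot be removed yet, EXTR_SKIP keeps existing variables,
// provided every sensitive variable is initialised before the call.
function handle_skip(array $request): array
{
    $is_logged = false;
    $maxname2  = 20;
    extract($request, EXTR_SKIP);
    return ['is_logged' => $is_logged, 'maxname2' => $maxname2];
}

var_dump(handle_weak($request));
var_dump(handle_hardened($request, [])); // empty session: not logged in
var_dump(handle_skip($request));
```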

Related Identifiers: CVE-2005-1596

Affected Products: Fusion Sbx