Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.
Sign In
Not a member yet? Click here to register.

Last Updated: January 13 2009

  • by muscapaul
    PHP-Fusion v7.00.05 upgrade for v7.00.4
    It's with pleasure that we announce the present upgrade package for PHP-Fusion v7. This package includes two minor…
    Continue Reading
    33580
  • by Christian
    PHP-Fusion v6.01.14
    I'm pleased to announce the availability of PHP-Fusion v6.01.14. An XSS vulnerability patch is available for…
    Continue Reading
    14355
  • by Admin
    PHP-Fusion v6.01.15
    A Secunia advisory has brought to my attention a SQL injection vulnerability - hence yet another patch is available. Simply download…
    Continue Reading
    18962
  • by Admin
    v6.00.106 update fixes xss exploit
    While I was away an xss exploit was uncovered in the news/article submission functions. The code I had produced…
    Continue Reading
    13635
  • by Falk
    DB Backup security patch
    As you know a flaw was discovered recently which allows a malicious user to grab any db backup file created…
    Continue Reading
    12708
  • by Falk
    BB Code security patch
    Two security flaws have recently been discovered in the bb code parsing by two of our users. Grindordie found that…
    Continue Reading
    14596
  • by Falk
    Improved IMG BBCode fix
    The recent img bbcode patchfixed one problem but it is still exploitable under certain conditions. I have been working on…
    Continue Reading
    19196
  • by Falk
    Private Message system open to exploits
    I have been alerted to some sql injection exploits in PHP-Fusion's private message system. The problem is that…
    Continue Reading
    16117
  • by Admin
    Another XSS exploit fix
    Another XSS exploit has been discovered that allows a malicious user to steal your cookie. Thankfully it was rather easy…
    Continue Reading
    28348
  • by Admin
    Vulnerability in Private Messages
    Following a Secunia advisory (PHP-Fusion "msg_send" SQL Injection Vulnerability) I have released an updated messages.php script for existing…
    Continue Reading
    19934
  • by Falk
    v6.00.205 - Multiple exploit fixes
    Files Updated: I've discovered two potential problems in infusions -> shoutbox_panel -> shoutbox_archive.php and the new news.php script. For…
    Continue Reading
    19470
  • by Falk
    New hole in messages.php.
    With more holes than a domestic sieve, messages.php has had yet another xss exploit discovered and fixed. This script…
    Continue Reading
    16336
  • by Falk
    Final update v6.00.306
    I was hoping to keep this fix silent until the release of v6.00.400, but it has come to…
    Continue Reading
    29224
  • by Falk
    Critical update - v6.00.307
    A new exploit has been revealed by rgod. It allows php files to be uploaded as avatars by allowing multiple…
    Continue Reading
    24581
  • by Admin
    Message.php exploit fix, again.
    It's just cursed, messages.php has yet another security issue (I've lost count now). Well, not to worry…
    Continue Reading
    21883