VULHUB ™

Fusion News is prone to an access validation error allowing a user to add arbitrary user/administrator accounts through manipulating URI parameters. Successful exploitation of this error may allow a user to compromise a vulnerable system by gaining administrative privileges. The problem is reported to be present in Fusion News 3.3, however older versions may be vulnerable as well.

Fusion News is prone to an access validation error allowing a user to add arbitrary user/administrator accounts through manipulating URI parameters. Successful exploitation of this error may allow a user to compromise a vulnerable system by gaining administrative privileges. The problem is reported to be present in Fusion News 3.3, however older versions may be vulnerable as well.