Intrusion Prevention

Fusion.SBX.Authentication.Bypass

Description

Fusion SBX has an authentication-bypass vulnerability. A remote attacker could bypass security restrictions and execute arbitrary PHP code on the system, via parameters "is_logged" and " maxname2".

Affected Products

Fusion SBX version 1.2 and prior.

Impact

Bypass Security

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.
http://www.fusionphp.net/

CVE References

CVE-2005-1596