Vulnerabilities

CVE-2023-53928 - PHPFusion 9.10.30 Stored Cross-Site Scripting via File Manager Upload

2025-12-18 0 views admin
CVE-2023-53928 - PHPFusion 9.10.30 Stored Cross-Site Scripting via File Manager Upload

CVE ID : CVE-2023-53928 Published : 17. Dezember 2025 23:15 | 1 Stunde, 38 Minuten ago Description : PHPFusion 9.10.30 contains a stored cross-site scripting vulnerability in the file manager that allows attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload SVG files with script tags that execute arbitrary JavaScript when viewed, potentially stealing user session information or performing client-side attacks. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

Severity
MEDIUM

Source: Telegram CVE Monitor

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2023-53928medium

More from Vulnerabilities

CVE-2025-47319 - Exposure of Sensitive System Information to an Unauthorized Control Sphere in HLOS

CVE-2025-47319 - Exposure of Sensitive System Information to an Unauthorized Control Sphere in HLOS

2025-12-18 0
CVE-2025-27063 - Use After Free in Video

CVE-2025-27063 - Use After Free in Video

2025-12-18 0
CVE-2025-47325 - Untrusted Pointer Dereference in TZ Firmware

CVE-2025-47325 - Untrusted Pointer Dereference in TZ Firmware

2025-12-18 0
CVE-2025-47323 - Integer Overflow or Wraparound in Audio

CVE-2025-47323 - Integer Overflow or Wraparound in Audio

2025-12-18 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views