CVE-2020-23184
A stored cross site scripting (XSS) vulnerability in /administration/settings_registration.php of PHP-Fusion 9.03.60 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Registration" field.
We have discovered 80 live websites that are affected by CVE-2020-23184.
Affected Software
| Product |  PHPFusion |
| Category | Content Management System |
| Vulnerable Domains | 80 live websites (45% of PHPFusion install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 11 versions ( 55% of all versions) |
Details
- Published - Jul 2, 2021
- Updated - Aug 4, 2024
CVE References
Website Distribution by Country
Number of websites using CVE-2020-23184 United States | 11 websites |
 Netherlands | 16 websites |
 Germany | 14 websites |
 GB | 12 websites |
 Poland | 11 websites |
 Denmark | 3 websites |
 Czech Republic | 2 websites |
 Slovakia | 2 websites |
 Belgium | 1 websites |
 China | 1 websites |
Website Distribution by TLD
Number of websites using CVE-2020-23184| .eu | 13 websites |
| .com | 11 websites |
| .de | 10 websites |
| .nl | 8 websites |
| .pl | 7 websites |
| .co.uk | 5 websites |
| .org | 4 websites |
| .dk | 4 websites |
| .info | 2 websites |
| .net | 2 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2020-23184
Top websites that are affected by CVE-2020-23184. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *******.****.org | Netherlands | *,***,*** | |
| *******.***.la |  Laos | *,***,*** | |
| **********.**.uk | GB | *,***,*** | |
| *********.com |  France | *,***,*** | |
| ******.ro |  Romania | *,***,*** | |
| *********.pl | Poland | *,***,*** | |
| **********.eu | Czech Republic | *,***,*** | |
| ********.*******.eu | Poland | *,***,*** | |
| ***.************.nl | Netherlands | *,***,*** | |
| **************.nl | Netherlands | **,***,*** |