Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

e107 website system 0.6 - 'email article to a friend' Feature Cross-Site Scripting

Related Vulnerabilities: CVE-2004-2040  
Publish Date: 29 May 2004
Author: Janek Vind
Source / Download Exploit 
                							

                source: http://www.securityfocus.com/bid/10436/info
 
e107 is prone to multiple cross-site scripting, HTML injection, file inclusion, and SQL injection vulnerabilities. This may compromise various security properties of a Web site running the software, including allowing remote attackers to execute malicious PHP code.
 
- HTML injection in the "email article to a friend" and "submit news" pages.:

foobar'><body onload=alert(document.cookie);>

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started