Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2009-3444

Publish Date: 24 Sep 2009

Author: MustLive

                							

                Hello Bugtraq!

I want to warn you about Cross-Site Scripting vulnerability in E107. Which I
found at 31.01.2009 and disclosed recently.

XSS:

At page for sending news to email (http://site/email.php?news.1) it's
possible to conduct XSS attack via Referer header. Particularly it can be
done via flash.

Referer: '&gt;&lt;script&gt;alert(document.cookie)&lt;/script&gt;

Vulnerable are E107 0.7.16 and previous versions (all versions).

I mentioned about this vulnerability at my site
(http://websecurity.com.ua/3528/).

Best wishes &amp; regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

e107 0.7.16 - Referer header Cross-Site Scripting

Vulmon Search

About

Products

Connect