e107 e107 0.7.5 vulnerabilities and exploits

(subscribe to this query)

668

VMScore

e107 0.75 and previous versions does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote malicious users to execute arbitrary PHP code via the tinyMCE_imglib_include i...

E107 E107 0.7.4 E107 E107 0.7.5 E107 E107 0.7 E107 E107 0.7.1 E107 E107 0.7.2 E107 E107 0.7.3

445

VMScore

Unspecified vulnerability in e107 prior to 0.7.5 has unknown impact and remote attack vectors related to an "emailing exploit".

E107 E107 0.7.5

755

VMScore

Directory traversal vulnerability in class2.php in e107 0.7.5 and previous versions allows remote malicious users to read and execute PHP code in arbitrary files via ".." sequences in the e107language_e107cookie cookie to gsitemap.php.

E107 E107 0.7.5

1 EDB exploit

475

VMScore

Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote malicious users to inject arbitrary web script or HTML via the query string (PATH_INFO) in (1) contact.php, (2) download.php, (3) admin.php, (4) fpw.php, (5) news.php, (6) search.php, (7) signup.php, (...

E107 E107 0.7.5

9 EDB exploits

570

VMScore

SQL injection vulnerability in e107 prior to 0.7.5 allows remote malicious users to execute arbitrary SQL commands via unknown attack vectors.

E107 E107 0.7.5

685

VMScore

Unrestricted file upload vulnerability in signup.php in e107 0.7.8 and previous versions, when photograph upload is enabled, allows remote malicious users to upload and execute arbitrary PHP code via a filename with a double extension such as .php.jpg.

E107 E107 0.7.6 E107 E107 0.7.7 E107 E107 0.7 E107 E107 0.7.1 E107 E107 0.7.8 E107 E107 0.7.4 E107 E107 0.7.5 E107 E107 0.7.2 E107 E107 0.7.3

1 EDB exploit

Get Started

1 2 3 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook