Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
e107 e107 2.1.8 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-16381
e107 2.1.8 has XSS via the e107_admin/users.php?mode=main&action=list user_loginname parameter.
E107 E107 2.1.8
6.5
CVSSv2
CVE-2018-16388
e107_web/js/plupload/upload.php in e107 2.1.8 allows remote malicious users to execute arbitrary PHP code by uploading a .php filename with the image/jpeg content type.
E107 E107 2.1.8
5.5
CVSSv2
CVE-2018-16389
e107_admin/banlist.php in e107 2.1.8 allows SQL injection via the old_ip parameter.
E107 E107 2.1.8
6.8
CVSSv2
CVE-2018-15901
e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators.
E107 E107 2.1.8
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started