Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
e107 vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2003-1191
chatbox.php in e107 0.554 and 0.603 allows remote malicious users to cause a denial of service (pages fail to load) via HTML in the Name field, which prevents the main.php form from being loaded.
E107 E107 0.545
E107 E107 0.603
1 EDB exploit
440
VMScore
CVE-2004-2040
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 allow remote malicious users to inject arbitrary web script or HTML via the (1) LAN_407 parameter to clock_menu.php, (2) "email article to a friend" field, (3) "submit news" field, or (4) avmsg ...
E107 E107 0.6 15a
E107 E107 0.6 15
2 EDB exploits
668
VMScore
CVE-2004-2042
Multiple SQL injection vulnerabilities in e107 0.615 allow remote malicious users to inject arbitrary SQL code and gain sensitive information via (1) content parameter to content.php, (2) content_id parameter to content.php, or (3) list parameter to news.php.
E107 E107 0.615a
E107 E107 0.615
435
VMScore
CVE-2006-0857
Cross-site scripting (XSS) vulnerability in Chatbox Plugin 1.0 in e107 0.7.2 allows remote malicious users to inject arbitrary HTML or web script via a Chatbox, as demonstrated using a SCRIPT element.
E107 Chatbox Plugin 1.0
E107 E107 0.7.2
1 EDB exploit
755
VMScore
CVE-2004-2262
ImageManager in e107 prior to 0.617 does not properly check the types of uploaded files, which allows remote malicious users to execute arbitrary code by uploading a PHP file via the upload parameter to images.php.
E107 E107
1 EDB exploit
668
VMScore
CVE-2005-1949
The eping_validaddr function in functions.php for the ePing plugin for e107 portal allows remote malicious users to execute arbitrary commands via shell metacharacters after a valid argument to the eping_host parameter.
E107 E107
445
VMScore
CVE-2005-3594
game_score.php in e107 allows remote malicious users to insert high scores via HTTP POST methods utilizing the $player_name, $player_score, and $game_name variables.
E107 E107
605
VMScore
CVE-2021-27885
usersettings.php in e107 up to and including 2.3.0 lacks a certain e_TOKEN protection mechanism.
E107 E107
668
VMScore
CVE-2005-2559
doping.php in ePing plugin 1.02 and previous versions for e107 portal allows remote malicious users to execute arbitrary code or overwrite files via (1) shell metacharacters in the eping_count parameter or (2) restricted shell metacharacters such as ">" and "&am...
E107 E107
NA
CVE-2023-36121
Cross Site Scripting vulnerability in e107 v.2.3.2 allows a remote malicious user to execute arbitrary code via the description function in the SEO project.
E107 E107 2.3.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »