Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
e107 e107 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-6114
SQL injection vulnerability in product_details.php in the Mytipper Zogo-shop 1.15.4 plugin for e107 allows remote malicious users to execute arbitrary SQL commands via the product parameter.
Mytipper Zogo Shop 1.15.4
1 EDB exploit
6.8
CVSSv2
CVE-2008-6069
SQL injection vulnerability in e107chat.php in the eChat plugin 4.2 for e107, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the nick parameter.
123flashchat Echat Plugin 4.2
7.5
CVSSv2
CVE-2008-2447
SQL injection vulnerability in products.php in the Mytipper ZoGo-shop plugin 1.15.5 and 1.16 Beta 13 for e107 allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Mytipper Zogo Shop 1.15.5
Mytipper Zogo Shop 1.16
1 EDB exploit
4.3
CVSSv2
CVE-2004-2261
Cross-site scripting (XSS) vulnerability in e107 allows remote malicious users to inject arbitrary script or HTML via the "login name/author" field in the (1) news submit or (2) article submit functions.
7.5
CVSSv2
CVE-2004-2041
PHP remote file inclusion vulnerability in secure_img_render.php in e107 0.615 allows remote malicious users to execute arbitrary PHP code by modifying the p parameter to reference a URL on a remote web server that contains the code.
5
CVSSv2
CVE-2005-4052
e107 0.6174 allows remote malicious users to redirect users to other web sites via the download parameter in rate.php, which is used after a user submits a file download rating. NOTE: in the default installation, the e_BASE variable restricts the redirection to the same web site.
NA
CVE-2011-15133
Core Security Technologies Advisory - When the install script for e107 CMS has not been removed, an attacker can "reinstall" the application using arbitrary parameters. If the attacker puts a valid MySql server followed a semicolon and PHP code, this will be executed wh...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9