Published: 14/09/2006 Updated: 05/09/2008

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 475

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Subscribe to E107

Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote malicious users to inject arbitrary web script or HTML via the query string (PATH_INFO) in (1) contact.php, (2) download.php, (3) admin.php, (4) fpw.php, (5) news.php, (6) search.php, (7) signup.php, (8) submitnews.php, and (9) user.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
e107 e107 0.7.5

source: wwwsecurityfocuscom/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input An attacker may levearge this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site This may ...

source: wwwsecurityfocuscom/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input An attacker may levearge this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site This may let th ...

source: wwwsecurityfocuscom/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input An attacker may levearge this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site Thi ...

source: wwwsecurityfocuscom/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input An attacker may levearge this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site ...

source: wwwsecurityfocuscom/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input An attacker may levearge this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site This may le ...

source: wwwsecurityfocuscom/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input An attacker may levearge this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site This may let ...

source: wwwsecurityfocuscom/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input An attacker may levearge this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site This ...

source: wwwsecurityfocuscom/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input An attacker may levearge this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site T ...

source: wwwsecurityfocuscom/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input An attacker may levearge this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site This ma ...

NVD-CWE-Other http://www.securityfocus.com/data/vulnerabilities/exploits/19997.html http://www.securityfocus.com/bid/19997 http://www.osvdb.org/30979 http://www.osvdb.org/30980 http://www.osvdb.org/30981 http://www.osvdb.org/30982 http://www.osvdb.org/30984 http://www.osvdb.org/30985 http://www.osvdb.org/30986 http://www.osvdb.org/30987 http://www.osvdb.org/30983 https://nvd.nist.gov https://www.exploit-db.com/exploits/28548/

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook