e107 -- code execution and XSS vulnerabilities

ID A4746A86-4C89-11DF-83FB-0015587E2CC1
Type freebsd
Reporter FreeBSD
Modified 2010-04-15T00:00:00


Secunia Research reported two vulnerabilities in e107: The first problem affects installations that have the Content Manager plugin enabled. This plugin does not sanitize the "content_heading" parameter correctly and is therefore vulnerable to a cross site scripting attack. The second vulnerability is related to the avatar upload functionality. Images containing PHP code can be uploaded and executed.