2 matches found
CVE-2004-2028
CVE-2004-2028 describes a cross-site scripting (XSS) vulnerability in the PHP component used by the e107 CMS, specifically in the stats.php module. The flaw allows remote attackers to inject arbitrary web script or HTML by manipulating the referer parameter sent to log.php. Affected software is e...
CVE-2004-2028
Cross-site scripting XSS vulnerability in stats.php in e107 allows remote attackers to inject arbitrary web script or HTML via the referer parameter to log.php...