3 matches found
CVE-2010-4757
Cross-site scripting XSS vulnerability in submitnews.php in e107 before 0.7.23 allows remote attackers to inject arbitrary web script or HTML via the submitnewstitle parameter, a different vector than CVE-2008-6208. NOTE: some of these details are obtained from third party information. NOTE: this...
CVE-2009-4083
Multiple cross-site scripting XSS vulnerabilities in e107 0.7.16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in 1 submitnews.php, 2 usersettings.php; and 3 newpost.php, 4 banlist.php, 5 banner.php, 6 cpage.php, 7 download.php, 8...
CVE-2009-4083
CVE-2009-4083 describes multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.16 and earlier. The XSS is via unspecified vectors affecting numerous admin/file paths (submitnews.php, usersettings.php, newpost.php, banlist.php, banner.php, cpage.php, download.php, users_extended.php, fron...