CVE-2011-4920
CVE-2011-4920 describes multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.26 and other versions before 1.0.0. The issues allow remote attackers to inject arbitrary web script or HTML via specific URLs/components: (1) e107_images/thumb.php, (2) rate.php, (3) the resend_name parameter...