Lucene search
K

4 matches found

CVE
CVE
added 2014/01/22 7:0 p.m.43 views

CVE-2013-2750

CVE-2013-2750 is an XSS in e107, specifically in e107_plugins/content/handlers/content_preset.php, exploitable when user-supplied input in GET parameters is not properly sanitized (notably via %00/%0d%0a sequences). Affected product: e107 prior to 1.0.3. Impact as described: remote attacker can i...

4.3CVSS5.7AI score0.03219EPSS
Exploits2References3Affected Software1
seebug.org
seebug.org
added 2013/04/08 12:0 a.m.19 views

e107 'content_preset.php'跨站脚本漏洞(CVE-2013-2750)

Bugtraq ID:58841 CVE ID:CVE-2013-2750 e107是一款内容管理系统。 e107没有正确过滤GET参数中"%00"组合"%0d%0a"的字符输入,允许远程攻击者利用漏洞进行跨站脚本攻击,可获得敏感信息或劫持用户会话。 0 e107 v1.0.2 厂商解决方案 e107 v1.0.3已经修复此漏洞,建议用户下载更新: http://e107.org/ http://host/e107plugins/content/handlers/contentpreset.php? %3c%00script%0d%0aalert'reflexted%20XSS'/scr...

4.3CVSS6.6AI score0.03219EPSS
Exploits2
Packet Storm
Packet Storm
added 2013/04/03 12:0 a.m.46 views

e107 CMS 1.0.2 Cross Site Scripting

TC-SA-2013-01: Reflected Cross-Site-Scripting XSS vulnerability in e107 CMS v1.0.2 Published: 2013/04/03 Version 1.0 Affected Products: e107 version 1.0.2 others not tested http://www.e107.org References: TC-SA-2013-01 www.tele-consulting.com/advisories/TC-SA-2013-01.txt used for updates...

4.3CVSS6.6AI score0.03219EPSS
Exploits2
Circl
Circl
added 2013/04/03 12:0 a.m.42 views

CVE-2013-2750

creationtimestamp| type| source ---|---|--- 2013-04-03 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38416...

4.3CVSS6.8AI score0.03219EPSS
Exploits2References1
Rows per page
Query Builder