5 matches found
Sql injection
SQL injection vulnerability in class2.php in e107 0.7.2 and earlier allows remote attackers to execute arbitrary SQL commands via a cookie as defined in $pref'cookiename'...
CVE-2006-0857
Cross-site scripting XSS vulnerability in Chatbox Plugin 1.0 in e107 0.7.2 allows remote attackers to inject arbitrary HTML or web script via a Chatbox, as demonstrated using a SCRIPT element...
Cross site scripting
Cross-site scripting XSS vulnerability in Chatbox Plugin 1.0 in e107 0.7.2 allows remote attackers to inject arbitrary HTML or web script via a Chatbox, as demonstrated using a SCRIPT element...
CVE-2006-0857
Cross-site scripting XSS vulnerability in Chatbox Plugin 1.0 in e107 0.7.2 allows remote attackers to inject arbitrary HTML or web script via a Chatbox, as demonstrated using a SCRIPT element...
CVE-2006-0857
CVE-2006-0857 is an XSS vulnerability in the Chatbox Plugin 1.0 for e107 0.7.2. The issue allows remote attackers to inject arbitrary HTML or web script via a Chatbox, as demonstrated using a SCRIPT element. Reported impact corresponds to a MEDIUM base score (CVSSv2: 4.3; I: PARTIAL). The connect...