Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-3256

Malware in sbrugna...

4.3CVSS6.4AI score0.0421EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-4744

Malware in sbrugna...

4.6CVSS6.4AI score0.00878EPSS
Exploits0References4
NVD
NVD
added 2006/09/14 9:7 p.m.27 views

CVE-2006-4794

Multiple cross-site scripting XSS vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the query string PATHINFO in 1 contact.php, 2 download.php, 3 admin.php, 4 fpw.php, 5 news.php, 6 search.php, 7 signup.php, 8 submitnews.php, and 9 user.php. NOTE: the...

4.3CVSS5.6AI score0.0459EPSS
Exploits1References11
Cvelist
Cvelist
added 2006/09/14 9:0 p.m.28 views

CVE-2006-4794

Multiple cross-site scripting XSS vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the query string PATHINFO in 1 contact.php, 2 download.php, 3 admin.php, 4 fpw.php, 5 news.php, 6 search.php, 7 signup.php, 8 submitnews.php, and 9 user.php. NOTE: the...

5.6AI score0.0459EPSS
Exploits1References11
CVE
CVE
added 2006/09/14 9:0 p.m.63 views

CVE-2006-4794

CVE-2006-4794 describes multiple XSS vulnerabilities in e107 0.7.5 via the PATH_INFO query string in numerous PHP pages (contact.php, download.php, admin.php, etc.). Connected records indicate a broader XSS family affecting e107 0.7.16 and earlier (admin/ and related files such as submitnews.php,...

4.3CVSS5.6AI score0.0459EPSS
Exploits1References11Affected Software1
Cvelist
Cvelist
added 2006/09/13 11:0 p.m.22 views

CVE-2006-4757

Multiple SQL injection vulnerabilities in the admin section in e107 0.7.5 allow remote authenticated administrative users to execute arbitrary SQL commands via the 1 linkopentype, 2 linkrender, 3 linkclass, and 4 linkid parameters in a links.php; the 5 searchquery parameter in b users.php; and th...

8.1AI score0.00878EPSS
Exploits0References3
CVE
CVE
added 2006/09/13 11:0 p.m.47 views

CVE-2006-4757

CVE-2006-4757 affects the e107 CMS version 0.7.5. The vulnerability is described as multiple SQL injection flaws in the admin section, enabling remote authenticated administrative users to execute arbitrary SQL commands via the following parameters: (1) linkopentype, (2) linkrender, (3) link_clas...

4.6CVSS8.5AI score0.00878EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2006/09/04 12:0 a.m.70 views

Sql injections in e107 [Admin section]

Hi, There are several sql injections in e107 0.7.5 admin section : I The "linkopentype", "linkrender" and "linkclass" parameters are passed to "dbInsert" function without checking : File /e107admin/links.php, Line 496 : $sql-dbInsert"links", "0, '$linkname', '$linkurl', '$linkdescription',...

2.1AI score
Exploits0
Prion
Prion
added 2006/05/25 10:2 a.m.18 views

Code injection

Unspecified vulnerability in e107 before 0.7.5 has unknown impact and remote attack vectors related to an "emailing exploit"...

5CVSS6.8AI score0.0116EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder