6 matches found
EUVD-2004-2031
Malware in sbrugna...
CVE-2018-11127
e107 2.1.7 has CSRF resulting in arbitrary user deletion...
e107 <= 2.1.4 keyword Blind SQL Injection Exploit
Exploit for php platform in category web applications !/usr/bin/perl e107 = 2.1.4 "keyword" Blind SQL Injection Exploit -------------------------------------------------------------------------- Discovered by staker - stakerathotmaildotit Discovered on 09/03/2017 Site Vendor: http://www.e107.org...
CVE-2013-7305
fpw.php in e107 through 1.0.4 does not check the userban field, which makes it easier for remote attackers to reset passwords by sending a pwsubmit request and leveraging access to the e-mail account of a banned user...
e107 0.7.23 - Multiple SQL Injections
source: https://www.securityfocus.com/bid/43327/info e107 is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modif...
CVE-2006-2591
Unspecified vulnerability in e107 before 0.7.5 has unknown impact and remote attack vectors related to an "emailing exploit"...