CVE-2016-10378

e107 2.1.1 allows SQL injection by remote authenticated administrators via the pagelist parameter to e107admin/menus.php, related to the menuSaveVisibility function...

CVE-2011-0457

Cross-site scripting XSS vulnerability in e107 0.7.22 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-7305

fpw.php in e107 through 1.0.4 does not check the userban field, which makes it easier for remote attackers to reset passwords by sending a pwsubmit request and leveraging access to the e-mail account of a banned user...

EUVD-2025-33763

e107 CMS thru 2.3.3 are vulnerable to insecure deserialization in the install.php script. The script processes user-controlled input in the previoussteps POST parameter using unserializebase64decode without validation, allowing attackers to craft malicious serialized data. This could lead to remo...

CVE-2025-61505

e107 CMS thru 2.3.3 are vulnerable to insecure deserialization in the install.php script. The script processes user-controlled input in the previoussteps POST parameter using unserializebase64decode without validation, allowing attackers to craft malicious serialized data. This could lead to remo...

EUVD-2010-2116

Malware in sbrugna...

EUVD-2005-2328

Malware in sbrugna...

EUVD-2005-4047

Malware in sbrugna...

EUVD-2004-2020

Malware in sbrugna...

EUVD-2009-3426

Malware in sbrugna...

EUVD-2005-4046

Malware in sbrugna...

EUVD-2008-1703

Malware in sbrugna...

EUVD-2015-1184

Malware in sbrugna...

EUVD-2016-1747

Malware in sbrugna...

EUVD-2010-5048

Malware in sbrugna...

EUVD-2006-2590

Malware in sbrugna...

EUVD-2018-9176

Malware in sbrugna...

EUVD-2008-6039

Malware in sbrugna...

EUVD-2003-1181

Malware in sbrugna...

EUVD-2006-5770

Malware in sbrugna...