976 matches found
CVE-2025-11941 e107 CMS Avatar image.php path traversal
A vulnerability was detected in e107 CMS up to 2.3.3. This impacts an unknown function of the file /e107admin/image.php?mode=main&action=avatar of the component Avatar Handler. Performing manipulation of the argument multiaction results in path traversal. It is possible to initiate the attack...
CVE-2025-11941 e107 CMS Avatar image.php path traversal
A vulnerability was detected in e107 CMS up to 2.3.3. This impacts an unknown function of the file /e107admin/image.php?mode=main&action=avatar of the component Avatar Handler. Performing manipulation of the argument multiaction results in path traversal. It is possible to initiate the attack...
CVE-2025-11941
CVE-2025-11941 affects e107 CMS up to version 2.3.3. The vulnerability is in the Avatar Handler, specifically file /e107_admin/image.php?mode=main&action=avatar, where manipulation of the multiaction[] parameter triggers path traversal. Attacks can be launched remotely and the exploit is public. ...
e107 路径遍历漏洞
e107 is an open source, free and PHP and MySQL based Content Management System CMS from the E107 team. The system supports a variety of plug-ins and appearance themes, and can be used as a personal blog, discussion community, archive repository and so on. A path traversal vulnerability exists in...
CVE-2025-61505
e107 CMS thru 2.3.3 are vulnerable to insecure deserialization in the install.php script. The script processes user-controlled input in the previoussteps POST parameter using unserializebase64decode without validation, allowing attackers to craft malicious serialized data. This could lead to remo...
EUVD-2025-33763
e107 CMS thru 2.3.3 are vulnerable to insecure deserialization in the install.php script. The script processes user-controlled input in the previoussteps POST parameter using unserializebase64decode without validation, allowing attackers to craft malicious serialized data. This could lead to remo...
CVE-2025-61505
e107 CMS thru 2.3.3 are vulnerable to insecure deserialization in the install.php script. The script processes user-controlled input in the previoussteps POST parameter using unserializebase64decode without validation, allowing attackers to craft malicious serialized data. This could lead to remo...
CVE-2025-61505
e107 CMS thru 2.3.3 are vulnerable to insecure deserialization in the install.php script. The script processes user-controlled input in the previoussteps POST parameter using unserializebase64decode without validation, allowing attackers to craft malicious serialized data. This could lead to remo...
CVE-2025-61505
The CVE concerns e107 CMS ≤ 2.3.3 with insecure deserialization in install.php. The code processes user-supplied previous_steps via unserialize(base64_decode()), enabling crafted serialized payloads that can cause remote code execution, arbitrary file operations, or DoS if PHP object gadgets exis...
PT-2025-41591
Name of the Vulnerable Software and Affected Versions e107 CMS versions through 2.3.3 Description The software contains a flaw due to insecure deserialization in the install.php script. The script processes user-controlled input received in the previous steps POST parameter using unserializebase6...
CVE-2025-61505
e107 CMS thru 2.3.3 are vulnerable to insecure deserialization in the install.php script. The script processes user-controlled input in the previoussteps POST parameter using unserializebase64decode without validation, allowing attackers to craft malicious serialized data. This could lead to remo...
e107 安全漏洞
e107 is an open source, free and PHP and MySQL based content management system CMS by the E107 team. The system supports a wide range of plug-ins and look-alike themes, and can be used as a personal blog, discussion community, archive repository, and so on. A security vulnerability exists in e107...
EUVD-2011-4831
Malware in sbrugna...
EUVD-2011-1514
Malware in sbrugna...
EUVD-2008-1703
Malware in sbrugna...
EUVD-2006-5770
Malware in sbrugna...
EUVD-2006-2589
Malware in sbrugna...
EUVD-2006-4781
Malware in sbrugna...
EUVD-2018-3169
Malware in sbrugna...
EUVD-2018-8227
Malware in sbrugna...