Lucene search
+L

976 matches found

Cvelist
Cvelist
added 2025/10/19 3:32 p.m.20 views

CVE-2025-11941 e107 CMS Avatar image.php path traversal

A vulnerability was detected in e107 CMS up to 2.3.3. This impacts an unknown function of the file /e107admin/image.php?mode=main&action=avatar of the component Avatar Handler. Performing manipulation of the argument multiaction results in path traversal. It is possible to initiate the attack...

5.5CVSS0.00853EPSS
Exploits1References5
OSV
OSV
added 2025/10/19 3:32 p.m.8 views

CVE-2025-11941 e107 CMS Avatar image.php path traversal

A vulnerability was detected in e107 CMS up to 2.3.3. This impacts an unknown function of the file /e107admin/image.php?mode=main&action=avatar of the component Avatar Handler. Performing manipulation of the argument multiaction results in path traversal. It is possible to initiate the attack...

5.3CVSS5.8AI score0.00853EPSS
Exploits1References7
CVE
CVE
added 2025/10/19 3:32 p.m.15 views

CVE-2025-11941

CVE-2025-11941 affects e107 CMS up to version 2.3.3. The vulnerability is in the Avatar Handler, specifically file /e107_admin/image.php?mode=main&action=avatar, where manipulation of the multiaction[] parameter triggers path traversal. Attacks can be launched remotely and the exploit is public. ...

8.1CVSS5.5AI score0.00853EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2025/10/19 12:0 a.m.7 views

e107 路径遍历漏洞

e107 is an open source, free and PHP and MySQL based Content Management System CMS from the E107 team. The system supports a variety of plug-ins and appearance themes, and can be used as a personal blog, discussion community, archive repository and so on. A path traversal vulnerability exists in...

8.1CVSS5.4AI score0.00853EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/10/11 12:20 a.m.10 views

CVE-2025-61505

e107 CMS thru 2.3.3 are vulnerable to insecure deserialization in the install.php script. The script processes user-controlled input in the previoussteps POST parameter using unserializebase64decode without validation, allowing attackers to craft malicious serialized data. This could lead to remo...

6.5CVSS8AI score0.00334EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/10 9:31 p.m.7 views

EUVD-2025-33763

e107 CMS thru 2.3.3 are vulnerable to insecure deserialization in the install.php script. The script processes user-controlled input in the previoussteps POST parameter using unserializebase64decode without validation, allowing attackers to craft malicious serialized data. This could lead to remo...

6.5CVSS7.5AI score0.00334EPSS
Exploits1References3
NVD
NVD
added 2025/10/10 7:15 p.m.20 views

CVE-2025-61505

e107 CMS thru 2.3.3 are vulnerable to insecure deserialization in the install.php script. The script processes user-controlled input in the previoussteps POST parameter using unserializebase64decode without validation, allowing attackers to craft malicious serialized data. This could lead to remo...

6.5CVSS0.00334EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/10/10 12:0 a.m.4 views

CVE-2025-61505

e107 CMS thru 2.3.3 are vulnerable to insecure deserialization in the install.php script. The script processes user-controlled input in the previoussteps POST parameter using unserializebase64decode without validation, allowing attackers to craft malicious serialized data. This could lead to remo...

7.6AI score0.00334EPSS
Exploits1References2
CVE
CVE
added 2025/10/10 12:0 a.m.20 views

CVE-2025-61505

The CVE concerns e107 CMS ≤ 2.3.3 with insecure deserialization in install.php. The code processes user-supplied previous_steps via unserialize(base64_decode()), enabling crafted serialized payloads that can cause remote code execution, arbitrary file operations, or DoS if PHP object gadgets exis...

6.5CVSS7.6AI score0.00334EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.9 views

PT-2025-41591

Name of the Vulnerable Software and Affected Versions e107 CMS versions through 2.3.3 Description The software contains a flaw due to insecure deserialization in the install.php script. The script processes user-controlled input received in the previous steps POST parameter using unserializebase6...

6.5CVSS7.7AI score0.00334EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/10/10 12:0 a.m.34 views

CVE-2025-61505

e107 CMS thru 2.3.3 are vulnerable to insecure deserialization in the install.php script. The script processes user-controlled input in the previoussteps POST parameter using unserializebase64decode without validation, allowing attackers to craft malicious serialized data. This could lead to remo...

0.00334EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/10/10 12:0 a.m.5 views

e107 安全漏洞

e107 is an open source, free and PHP and MySQL based content management system CMS by the E107 team. The system supports a wide range of plug-ins and look-alike themes, and can be used as a personal blog, discussion community, archive repository, and so on. A security vulnerability exists in e107...

6.5CVSS8.1AI score0.00334EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-4831

Malware in sbrugna...

4.3CVSS6.4AI score0.01341EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-1514

Malware in sbrugna...

7.5CVSS6.4AI score0.05786EPSS
Exploits2References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-1703

Malware in sbrugna...

4.3CVSS6.4AI score0.05718EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-5770

Malware in sbrugna...

7.5CVSS6.4AI score0.02423EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-2589

Malware in sbrugna...

6.4CVSS6.4AI score0.01156EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2006-4781

Malware in sbrugna...

4.3CVSS6.4AI score0.0459EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-3169

Malware in sbrugna...

6.5CVSS6.5AI score0.0053EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-8227

Malware in sbrugna...

6.1CVSS6.6AI score0.00707EPSS
Exploits1References2
Rows per page
Query Builder