Lucene search
+L

976 matches found

NVD
NVD
added 2004/05/21 4:0 a.m.11 views

CVE-2004-2031

Cross-site scripting XSS vulnerability in user.php in e107 allows remote attackers to inject arbitrary web script or HTML via the 1 URL, 2 MSN, or 3 AIM fields...

4.3CVSS5.7AI score0.01255EPSS
Exploits1References5
NVD
NVD
added 2004/05/21 4:0 a.m.14 views

CVE-2004-2028

Cross-site scripting XSS vulnerability in stats.php in e107 allows remote attackers to inject arbitrary web script or HTML via the referer parameter to log.php...

4.3CVSS5.7AI score0.03512EPSS
Exploits0References5
exploitpack
exploitpack
added 2004/05/21 12:0 a.m.26 views

e107 Website System 0.50.6 - Log.php HTML Injection

e107 Website System 0.50.6 - Log.php HTML Injection source: https://www.securityfocus.com/bid/10395/info It is reported that e107 website system is prone to a remote HTML injection vulnerability. This issue is due to a failure by the application to properly sanitize user-supplied input. The probl...

7.6AI score
Exploits0
Exploit DB
Exploit DB
added 2004/05/21 12:0 a.m.105 views

e107 Website System 0.5/0.6 - 'Log.php' HTML Injection

source: https://www.securityfocus.com/bid/10395/info It is reported that e107 website system is prone to a remote HTML injection vulnerability. This issue is due to a failure by the application to properly sanitize user-supplied input. The problem presents itself when a user supplies malicious HT...

7AI score
Exploits0
securityvulns
securityvulns
added 2004/03/24 12:0 a.m.76 views

XSS in e107 forum

Существует возможность вставки произвольного HTML код в тело сообщения. Удаленный атакующий может вставить специально отформатированный BB тэг bbcode , чтобы заставить форум отобразить произвольный код сценария в браузере пользователя, просматривающего злонамеренное сообщение. При желании, укорот...

7AI score
Exploits0
securityvulns
securityvulns
added 2004/03/24 12:0 a.m.25 views

XSS в разных форумах

Здравствуйте, 3APA3A. играясь с е107 обнаружил следующее: forum проверено на версии 6.12 возможность вставки BBCode URL=http://some.url"style="position:absolute;left:220px;top:10px;"size=14test /size/URL проверенный:...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2003/10/30 12:0 a.m.21 views

E107 DoS vulnerability

Program: E107 www.e107.org Versions: 0.545 & 0.603 tested, below may also be vulnerable Synopsis: Tagboard Denial of Service vulnerability system wide Security Risk: Medium It's a system wide DoS Author: Blademaster [email protected] www.hackingheaven.com URL:...

6.4AI score
Exploits0
NVD
NVD
added 2003/10/29 5:0 a.m.11 views

CVE-2003-1191

chatbox.php in e107 0.554 and 0.603 allows remote attackers to cause a denial of service pages fail to load via HTML in the Name field, which prevents the main.php form from being loaded...

5CVSS6.5AI score0.0787EPSS
Exploits1References6
exploitpack
exploitpack
added 2003/10/29 12:0 a.m.22 views

E107 - Chatbox.php Denial of Service

E107 - Chatbox.php Denial of Service source: https://www.securityfocus.com/bid/8930/info It has been reported that E107 may be prone to a denial of service vulnerability. The issue has been reported to exist due to improper handling of user-supplied data in the form of HTML or script code to the...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2003/10/29 12:0 a.m.27 views

E107 - 'Chatbox.php' Denial of Service

source: https://www.securityfocus.com/bid/8930/info It has been reported that E107 may be prone to a denial of service vulnerability. The issue has been reported to exist due to improper handling of user-supplied data in the form of HTML or script code to the 'Name:' field of Chatbox.php script...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/07/25 12:0 a.m.19 views

e107 Website System 0.554 - HTML Injection

e107 Website System 0.554 - HTML Injection source: https://www.securityfocus.com/bid/8279/info The e107 content management system is prone to an HTML injection vulnerability. This issue is exposed through the class2.php script. An attacker may exploit this issue by including hostile HTML and scri...

7.6AI score
Exploits0
Exploit DB
Exploit DB
added 2003/07/25 12:0 a.m.27 views

e107 Website System 0.554 - HTML Injection

source: https://www.securityfocus.com/bid/8279/info The e107 content management system is prone to an HTML injection vulnerability. This issue is exposed through the class2.php script. An attacker may exploit this issue by including hostile HTML and script code in certain fields within the form...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/07/24 12:0 a.m.185 views

e107 website system Vulnerability

Informations : Advisory Name: e107 website system Vulnerability Author: hiruvim [email protected] Discover by: hiruvim [email protected] Website vendor : http://e107.org Affected Systems: All versions Severity: High Platforms: Windows and Unix Issue: Security holes enable attackers to get MySQL...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2003/07/24 12:0 a.m.70 views

e107 Website System 0.555 - db.php Information Disclosure

e107 Website System 0.555 - db.php Information Disclosure source: https://www.securityfocus.com/bid/8273/info e107 Website System 'db.php' has been reported prone to an information disclosure vulnerability. A remote attacker may exploit this vulnerability to invoke the dumpsql routine without pri...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/07/24 12:0 a.m.18 views

e107 db.php User Database Disclosure

The version of e107 installed on the remote host is affected by an information disclosure vulnerability because of a flaw in the 'admin/db.php' script. This can allow an unauthenticated, remote attacker to obtain a dump of the SQL database used by e107, by sending a specially crafted request. An...

6AI score
Exploits0References3
Exploit DB
Exploit DB
added 2003/07/24 12:0 a.m.30 views

e107 Website System 0.555 - 'db.php' Information Disclosure

source: https://www.securityfocus.com/bid/8273/info e107 Website System 'db.php' has been reported prone to an information disclosure vulnerability. A remote attacker may exploit this vulnerability to invoke the dumpsql routine without prior authentication. Information returned to the attacker ma...

7AI score
Exploits0
Rows per page
Query Builder