EUVD-2010-4722

Malware in sbrugna...

EUVD-2008-6178

Malware in sbrugna...

CVE-2010-4757

Cross-site scripting XSS vulnerability in submitnews.php in e107 before 0.7.23 allows remote attackers to inject arbitrary web script or HTML via the submitnewstitle parameter, a different vector than CVE-2008-6208. NOTE: some of these details are obtained from third party information. NOTE: this...

CVE-2010-4757

The CVE-2010-4757 entry describes a cross-site scripting (XSS) vulnerability in e107’s submitnews.php, exploitable via the submitnews_title parameter in versions before 0.7.23. This is a client-side script injection risk affecting e107, with impact limited to arbitrary script execution in the use...

e107 submitnews.php XSS

The version of e107 on the remote host is affected by a cross-site scripting vulnerability because the 'submitnews.php' script fails to properly sanitize user-supplied input. A remote attacker can exploit this by tricking a user into making a specially crafted POST request. There are reportedly...

CVE-2008-6208

CVE-2008-6208 is an XSS vulnerability in e107 CMS 0.7.11 affecting submitnews.php. The vulnerability enables remote attackers to inject arbitrary script/HTML via the (1) author_name, (2) itemtitle, and (3) item parameters. The NVD entry notes the vulnerability as XSS with a medium base score (4.3...

CVE-2008-6208

Cross-site scripting XSS vulnerability in submitnews.php in e107 CMS 0.7.11 allows remote attackers to inject arbitrary web script or HTML via the 1 authorname, 2 itemtitle, and 3 item parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third part...

CVE-2006-4794

Multiple cross-site scripting XSS vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the query string PATHINFO in 1 contact.php, 2 download.php, 3 admin.php, 4 fpw.php, 5 news.php, 6 search.php, 7 signup.php, 8 submitnews.php, and 9 user.php. NOTE: the...