Vendor Dictionary: e107.org

e107.org

Short Name:	e107
Previous Names:	[None Entered]
URL:	http://www.e107.org/ [visit link]
Email:	[None Entered]
Security URL:	[None Entered]
Security Email:	[None Entered]
Knowledge Base:	[None Entered]
Notes:	[No Notes]
Full Details...

Vulnerabilities by Vendor Product

e107.org

e107.org

e107: 0.554; OSVDB ID: 2305 e107 class2.php Multiple Parameter XSS; 0.545; OSVDB ID: 2753 e107 Chatbox.php Name Parameter DoS; 0.603; OSVDB ID: 2753 e107 Chatbox.php Name Parameter DoS; 0.5x; OSVDB ID: 3855 e107 resetcore.php Change Arbitrary Theme; OSVDB ID: 3856 e107 db.php User Database Disclosure; 0.600; OSVDB ID: 3855 e107 resetcore.php Change Arbitrary Theme; 4.1; OSVDB ID: 3857 e107 User Login Administrative Privilege; 4.0; OSVDB ID: 3858 e107 Unspecified Login Issue; 3.0; OSVDB ID: 3859 e107 administrator.php Unspecified Security Issue; 0.614; OSVDB ID: 5982 e107 Login Name/Author XSS; OSVDB ID: 6530 e107 secure_img_render.php p Parameter Remote File Inclusion; OSVDB ID: 6533 e107 news.php list Parameter SQL Injection; OSVDB ID: 6531 e107 content.php Multiple Parameter SQL Injection; OSVDB ID: 6526 e107 clock_menu.php LAN_407 Parameter XSS; OSVDB ID: 6527 e107 "email article to a friend" Feature XSS; OSVDB ID: 6528 e107 "submit news" Feature XSS; OSVDB ID: 6529 e107 usersettings.php avmsg Parameter XSS; OSVDB ID: 6525 e107 Multiple Menu Path Disclosure; Unknown or Unspecified; OSVDB ID: 6410 e107 user.php Multiple Parameter XSS; OSVDB ID: 6345 e107 Site Statistics log.php referer Parameter XSS; 0.615; OSVDB ID: 6530 e107 secure_img_render.php p Parameter Remote File Inclusion; OSVDB ID: 6533 e107 news.php list Parameter SQL Injection; OSVDB ID: 6531 e107 content.php Multiple Parameter SQL Injection; OSVDB ID: 6526 e107 clock_menu.php LAN_407 Parameter XSS; OSVDB ID: 6527 e107 "email article to a friend" Feature XSS; OSVDB ID: 6528 e107 "submit news" Feature XSS; OSVDB ID: 6529 e107 usersettings.php avmsg Parameter XSS; OSVDB ID: 6525 e107 Multiple Menu Path Disclosure; 0.617; OSVDB ID: 17569 e107 admin.php Administrator Account Enumeration; OSVDB ID: 17570 e107 plugins.php Direct Request Path Disclosure; OSVDB ID: 17571 e107 theme.php Direct Request Path Disclosure; OSVDB ID: 17572 e107 usersettings.php Arbitrary HTML Injection; OSVDB ID: 17573 e107 forum_post.php Multiple Field XSS; OSVDB ID: 17574 e107 comment.php Comment Field XSS; OSVDB ID: 17616 e107 footer_default.php Direct Request Path Disclosure; OSVDB ID: 17617 e107 header_default.php Direct Request Path Disclosure; OSVDB ID: 18079 e107 BBcode Nested URL/Link Tag XSS; OSVDB ID: 12586 e107 images.php Arbitrary File Upload; 0.616; OSVDB ID: 18079 e107 BBcode Nested URL/Link Tag XSS; 0.7; OSVDB ID: 21657 e107 signup.php Multiple Parameter SQL Injection; OSVDB ID: 21658 e107 subcontent.php Multiple Parameter SQL Injection; OSVDB ID: 21660 e107 usersettings.php Multiple Parameter SQL Injection; OSVDB ID: 21659 e107 upload.php Multiple Parameter SQL Injection; 0.6174; OSVDB ID: 21657 e107 signup.php Multiple Parameter SQL Injection; OSVDB ID: 21658 e107 subcontent.php Multiple Parameter SQL Injection; OSVDB ID: 21660 e107 usersettings.php Multiple Parameter SQL Injection; OSVDB ID: 21659 e107 upload.php Multiple Parameter SQL Injection; 0.7.2; OSVDB ID: 25521 e107 e107_cookie Parameter SQL Injection; 0.7.5; OSVDB ID: 25739 e107 Unspecified SQL Injection; OSVDB ID: 30979 e107 contact.php Query String (PATH_INFO) Parameter XSS; OSVDB ID: 30987 e107 download.php Query String (PATH_INFO) Parameter XSS; OSVDB ID: 30980 e107 admin.php Query String (PATH_INFO) Parameter XSS; OSVDB ID: 30981 e107 fpw.php Query String (PATH_INFO) Parameter XSS; OSVDB ID: 30982 e107 news.php Query String (PATH_INFO) Parameter XSS; OSVDB ID: 30983 e107 search.php Query String (PATH_INFO) Parameter XSS; OSVDB ID: 30984 e107 signup.php Query String (PATH_INFO) Parameter XSS; OSVDB ID: 30985 e107 submitnews.php Query String (PATH_INFO) Parameter XSS; OSVDB ID: 30986 e107 user.php Query String (PATH_INFO) Parameter XSS; OSVDB ID: 25740 e107 email.php Arbitrary Mail Relay; 0.7.4; OSVDB ID: 25739 e107 Unspecified SQL Injection; OSVDB ID: 25740 e107 email.php Arbitrary Mail Relay; 0.7.11; OSVDB ID: 47482 e107 download.php extract() Function Variable Overwrite; 0.7.20; OSVDB ID: 63937 e107 e107_admin/banner.php click_url Parameter SQL Injection; 0.7.19; OSVDB ID: 63910 e107 Crafted .php.filetypesphp Image File Upload Arbitrary PHP Code Execution; OSVDB ID: 63911 e107 e107_plugins/content/content_manager.php content_heading Parameter XSS; 0.7.22; OSVDB ID: 67368 e107 Multiple Admin Function CSRF; OSVDB ID: 67367 e107 submitnews.php submitnews_title Parameter XSS; 0.7.25; OSVDB ID: 71703 e107 Admin Functions CSRF

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.