E107 : Security Vulnerabilities, CVEs, Published In 2015 (XSS)
Cross-site scripting (XSS) vulnerability in usersettings.php in e107 2.0.0 allows remote attackers to inject arbitrary web script or HTML via the "Real Name" value.
Max CVSS
4.3
EPSS Score
0.21%
Published
2015-01-16
Updated
2017-09-08
Cross-site scripting (XSS) vulnerability in e107_admin/filemanager.php in e107 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the e107_files/ file path in the QUERY_STRING.
Max CVSS
4.3
EPSS Score
0.38%
Published
2015-01-15
Updated
2017-09-08
2 vulnerabilities found