PHP remote file inclusion vulnerability in 123flashchat.php in the 123 Flash Chat 6.8.0 module for e107, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the e107path parameter.
Max CVSS
10.0
EPSS Score
2.19%
Published
2008-04-27
Updated
2017-09-29
e107 2.1.2 allows PHP Object Injection with resultant SQL injection, because usersettings.php uses unserialize without an HMAC.
Max CVSS
8.8
EPSS Score
0.10%
Published
2019-05-24
Updated
2019-05-29
e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators.
Max CVSS
8.8
EPSS Score
0.18%
Published
2018-08-28
Updated
2018-11-02
usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protection mechanism.
Max CVSS
8.8
EPSS Score
2.50%
Published
2021-03-02
Updated
2021-03-18
Multiple SQL injection vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary SQL code and gain sensitive information via (1) content parameter to content.php, (2) content_id parameter to content.php, or (3) list parameter to news.php.
Max CVSS
7.5
EPSS Score
2.02%
Published
2004-05-29
Updated
2017-07-11
ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which allows remote attackers to execute arbitrary code by uploading a PHP file via the upload parameter to images.php.
Max CVSS
7.5
EPSS Score
5.07%
Published
2004-12-31
Updated
2024-01-26
The eping_validaddr function in functions.php for the ePing plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the eping_host parameter.
Max CVSS
7.5
EPSS Score
2.93%
Published
2005-06-16
Updated
2016-10-18
The eTrace_validaddr function in eTrace plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the etrace_host parameter.
Max CVSS
7.5
EPSS Score
0.39%
Published
2005-06-10
Updated
2016-10-18
doping.php in ePing plugin 1.02 and earlier for e107 portal allows remote attackers to execute arbitrary code or overwrite files via (1) shell metacharacters in the eping_count parameter or (2) restricted shell metacharacters such as ">" and "&" in the eping_host parameter, which is not handled by the validation function.
Max CVSS
7.5
EPSS Score
2.03%
Published
2005-08-16
Updated
2016-10-18
SQL injection vulnerability in resetcore.php in e107 0.617 through 0.6173 allows remote attackers to execute arbitrary SQL commands, bypass authentication, and inject HTML or script via the (1) a_name parameter or (2) user field of the login page.
Max CVSS
7.5
EPSS Score
1.10%
Published
2005-11-06
Updated
2017-07-11
Multiple "potential" SQL injection vulnerabilities in e107 0.7 might allow remote attackers to execute arbitrary SQL commands via (1) the email, hideemail, image, realname, signature, timezone, and xupexist parameters in signup.php, (2) the content_comment, content_rating, and content_summary parameters in subcontent.php, (3) the download_category and file_demo in upload.php, and (4) the email, hideemail, user_timezone, and user_xup parameters in usersettings.php.
Max CVSS
7.5
EPSS Score
1.01%
Published
2005-12-14
Updated
2018-10-19
e107 0.75 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code via the tinyMCE_imglib_include image/jpeg parameter in e107_handlers/tiny_mce/plugins/ibrowser/ibrowser.php, as demonstrated by a multipart/form-data request. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in e107.
Max CVSS
7.5
EPSS Score
0.88%
Published
2006-09-06
Updated
2018-10-17
Directory traversal vulnerability in class2.php in e107 0.7.5 and earlier allows remote attackers to read and execute PHP code in arbitrary files via ".." sequences in the e107language_e107cookie cookie to gsitemap.php.
Max CVSS
7.5
EPSS Score
1.79%
Published
2006-11-07
Updated
2017-10-19
The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 and 8.1, (2) my123tkShop e-Commerce-Suite (aka 123tkShop) 0.9.1, (3) phpMyBitTorrent 1.2.2, (4) TorrentFlux 2.3, (5) e107 0.7.11, (6) WebZE 0.5.9, (7) Open Media Collectors Database (aka OpenDb) 1.5.0b4, and (8) Labgab 1.1 uses a code_bg.jpg background image and the PHP ImageString function in a way that produces an insufficient number of different images, which allows remote attackers to pass the CAPTCHA test via an automated attack using a table of all possible image checksums and their corresponding digit strings.
Max CVSS
7.5
EPSS Score
0.42%
Published
2008-04-30
Updated
2024-02-14
SQL injection vulnerability in the search feature in e107 0.7.16 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.14%
Published
2009-11-29
Updated
2018-10-10
Incomplete blacklist vulnerability in usersettings.php in e107 0.7.20 and earlier allows remote attackers to conduct SQL injection attacks via the loginname parameter.
Max CVSS
7.5
EPSS Score
0.17%
Published
2010-05-27
Updated
2012-12-13
bbcode/php.bb in e107 0.7.20 and earlier does not perform access control checks for all inputs that could contain the php bbcode tag, which allows remote attackers to execute arbitrary PHP code, as demonstrated using the toEmail method in contact.php, related to invocations of the toHTML method.
Max CVSS
7.5
EPSS Score
1.64%
Published
2010-05-27
Updated
2010-05-28
Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.
Max CVSS
7.5
EPSS Score
0.82%
Published
2011-11-04
Updated
2017-08-17
e107 2.1.1 allows SQL injection by remote authenticated administrators via the pagelist parameter to e107_admin/menus.php, related to the menuSaveVisibility function.
Max CVSS
7.2
EPSS Score
0.09%
Published
2017-05-29
Updated
2017-06-07
e107_web/js/plupload/upload.php in e107 2.1.8 allows remote attackers to execute arbitrary PHP code by uploading a .php filename with the image/jpeg content type.
Max CVSS
7.2
EPSS Score
0.43%
Published
2018-09-12
Updated
2018-11-02
Unrestricted file upload vulnerability in signup.php in e107 0.7.8 and earlier, when photograph upload is enabled, allows remote attackers to upload and execute arbitrary PHP code via a filename with a double extension such as .php.jpg.
Max CVSS
6.8
EPSS Score
4.08%
Published
2007-06-27
Updated
2017-10-11
SQL injection vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote attackers to execute arbitrary SQL commands via the user_field parameter.
Max CVSS
6.8
EPSS Score
0.58%
Published
2012-08-31
Updated
2017-08-29
Cross-site request forgery (CSRF) vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences via the user_include parameter.
Max CVSS
6.8
EPSS Score
0.19%
Published
2012-08-31
Updated
2017-08-29
Cross-site request forgery (CSRF) vulnerability in e107_admin/newspost.php in e107 1.0.1 allows remote attackers to hijack the authentication of administrators for requests that conduct XSS attacks via the news_title parameter in a create action.
Max CVSS
6.8
EPSS Score
0.69%
Published
2013-01-03
Updated
2013-01-07
Multiple cross-site request forgery (CSRF) vulnerabilities in e107_admin/download.php in e107 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) download_url, (2) download_url_extended, (3) download_author_email, (4) download_author_website, (5) download_image, (6) download_thumb, (7) download_visible, or (8) download_class parameter.
Max CVSS
6.8
EPSS Score
0.12%
Published
2013-01-03
Updated
2013-01-07
70 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!