E107 : Security Vulnerabilities Published In 2006 (Cross Site Scripting (XSS))
# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2006-4794 |
|
1
|
XSS |
2006-09-14 |
2008-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the query string (PATH_INFO) in (1) contact.php, (2) download.php, (3) admin.php, (4) fpw.php, (5) news.php, (6) search.php, (7) signup.php, (8) submitnews.php, and (9) user.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. |
2 |
CVE-2006-3259 |
|
|
XSS |
2006-06-27 |
2018-10-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) ep parameter to search.php and the (2) subject parameter in comment.php (aka the Subject field when posting a comment). |
3 |
CVE-2006-0857 |
79 |
|
XSS |
2006-02-23 |
2018-10-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in Chatbox Plugin 1.0 in e107 0.7.2 allows remote attackers to inject arbitrary HTML or web script via a Chatbox, as demonstrated using a SCRIPT element. |
4 |
CVE-2006-0682 |
|
|
XSS |
2006-02-15 |
2017-07-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Multiple cross-site scripting (XSS) vulnerabilities in bbcodes system in e107 before 0.7.2 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. |
Total number of vulnerabilities :
4
Page :
1
(This Page)