CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2005-2805
https://notcve.org/view.php?id=CVE-2005-2805
06 Sep 2005 — forum_post.php in e107 0.6 allows remote attackers to post to non-existent forums by modifying the forum number. • http://marc.info/?l=bugtraq&m=112544896117131&w=2 •
CVSS: 6.1EPSS: 0%CPEs: 37EXPL: 2CVE-2005-2327 – e107 0.617 - Cross-Site Scripting Remote Cookie Disclosure
https://notcve.org/view.php?id=CVE-2005-2327
20 Jul 2005 — Cross-site scripting (XSS) vulnerability in e107 0.617 and earlier allows remote attackers to inject arbitrary web script or HTML via nested [url] BBCode tags. Vulnerabilidad de secuencia de comandos en sitios cruzados en e107 0.617 y anteriores permite que atacantes remotos inyecten script web arbitrario o HTML mediante tags anidadas " [URL]BBCode". • https://www.exploit-db.com/exploits/1106 •
CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 0CVE-2004-2261
https://notcve.org/view.php?id=CVE-2004-2261
31 Dec 2004 — Cross-site scripting (XSS) vulnerability in e107 allows remote attackers to inject arbitrary script or HTML via the "login name/author" field in the (1) news submit or (2) article submit functions. • http://secunia.com/advisories/11567 •
CVSS: 9.8EPSS: 21%CPEs: 1EXPL: 2CVE-2004-2262 – e107 - 'include()' Remote File Upload
https://notcve.org/view.php?id=CVE-2004-2262
31 Dec 2004 — ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which allows remote attackers to execute arbitrary code by uploading a PHP file via the upload parameter to images.php. • https://www.exploit-db.com/exploits/704 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.1EPSS: 0%CPEs: 11EXPL: 1CVE-2004-2028 – e107 Website System 0.5/0.6 - 'Log.php' HTML Injection
https://notcve.org/view.php?id=CVE-2004-2028
21 May 2004 — Cross-site scripting (XSS) vulnerability in stats.php in e107 allows remote attackers to inject arbitrary web script or HTML via the referer parameter to log.php. • https://www.exploit-db.com/exploits/24138 •
CVSS: 6.1EPSS: 0%CPEs: 11EXPL: 2CVE-2004-2031
https://notcve.org/view.php?id=CVE-2004-2031
21 May 2004 — Cross-site scripting (XSS) vulnerability in user.php in e107 allows remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) MSN, or (3) AIM fields. • http://marc.info/?l=bugtraq&m=108541119526279&w=2 •
CVSS: 7.5EPSS: 5%CPEs: 2EXPL: 4CVE-2003-1191 – E107 - 'Chatbox.php' Denial of Service
https://notcve.org/view.php?id=CVE-2003-1191
29 Oct 2003 — chatbox.php in e107 0.554 and 0.603 allows remote attackers to cause a denial of service (pages fail to load) via HTML in the Name field, which prevents the main.php form from being loaded. • https://www.exploit-db.com/exploits/23311 •