CVSS: 4.3EPSS: 0%CPEs: 37EXPL: 2CVE-2005-2327 – e107 0.617 - Cross-Site Scripting Remote Cookie Disclosure
https://notcve.org/view.php?id=CVE-2005-2327
Cross-site scripting (XSS) vulnerability in e107 0.617 and earlier allows remote attackers to inject arbitrary web script or HTML via nested [url] BBCode tags. Vulnerabilidad de secuencia de comandos en sitios cruzados en e107 0.617 y anteriores permite que atacantes remotos inyecten script web arbitrario o HTML mediante tags anidadas " [URL]BBCode". • https://www.exploit-db.com/exploits/1106 http://securitytracker.com/id?1014513 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-1966
https://notcve.org/view.php?id=CVE-2005-1966
The eTrace_validaddr function in eTrace plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the etrace_host parameter. • http://marc.info/?l=bugtraq&m=111868460811287&w=2 http://www.securityfocus.com/bid/13934 •