CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2008-4786 – e107 Plugin EasyShop - 'category_id' Blind SQL Injection
https://notcve.org/view.php?id=CVE-2008-4786
29 Oct 2008 — SQL injection vulnerability in easyshop.php in the EasyShop plugin for e107 allows remote attackers to execute arbitrary SQL commands via the category_id parameter. Vulnerabilidad de inyección de SQL en easyshop.php del plugin EasyShop para e107 permite a un atacante remoto ejecutar comandos SQL de su elección por medio del parámetro category_id. • https://www.exploit-db.com/exploits/6852 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2008-2020
https://notcve.org/view.php?id=CVE-2008-2020
30 Apr 2008 — The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 and 8.1, (2) my123tkShop e-Commerce-Suite (aka 123tkShop) 0.9.1, (3) phpMyBitTorrent 1.2.2, (4) TorrentFlux 2.3, (5) e107 0.7.11, (6) WebZE 0.5.9, (7) Open Media Collectors Database (aka OpenDb) 1.5.0b4, and (8) Labgab 1.1 uses a code_bg.jpg background image and the PHP ImageString function in a way that produces an insufficient number of different images, which allows remote attackers to pass the CAPTCHA test via an automated attack usi... • http://securityreason.com/securityalert/3834 • CWE-330: Use of Insufficiently Random Values •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 2CVE-2008-1989 – e107 module 123 flash chat 6.8.0 - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2008-1989
27 Apr 2008 — PHP remote file inclusion vulnerability in 123flashchat.php in the 123 Flash Chat 6.8.0 module for e107, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the e107path parameter. Vulnerabilidad de inclusión de fichero PHP remoto en 123flashchat.php en el módulo 123 Flash Chat 6.8.0 de e107, cuando 'register_globals' está habilitado, permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro "e107patch". • https://www.exploit-db.com/exploits/5459 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 5%CPEs: 2EXPL: 1CVE-2008-1702 – e107 Plugin My_Gallery 2.3 - Arbitrary File Download
https://notcve.org/view.php?id=CVE-2008-1702
08 Apr 2008 — Absolute path traversal vulnerability in dload.php in the my_gallery 2.3 plugin for e107 allows remote attackers to obtain sensitive information via a full pathname in the file parameter. NOTE: some of these details are obtained from third party information. Vulnerabilidad de salto de ruta absoluta en dload.php en el plugin my_gallery 2.3 para e107, permite a atacantes remotos obtener información sensible a través de un nombre absoluto de ruta en el parámetro file(archivo). NOTA: algunos de estos detalles d... • https://www.exploit-db.com/exploits/5308 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 2%CPEs: 9EXPL: 1CVE-2007-3429 – e107 < 0.7.8 - 'photograph' Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2007-3429
27 Jun 2007 — Unrestricted file upload vulnerability in signup.php in e107 0.7.8 and earlier, when photograph upload is enabled, allows remote attackers to upload and execute arbitrary PHP code via a filename with a double extension such as .php.jpg. Vulnerabilidad de subida de fichero no restringida en signup.php de e107 0.7.8 y anteriores, cuando la subida de fotografías está habilitada, permite a atacantes remotos subir y ejecutar código PHP de su elección mediante un nombre de fichero con una extensión doble como .ph... • https://www.exploit-db.com/exploits/4099 •
CVSS: 9.1EPSS: 2%CPEs: 1EXPL: 2CVE-2006-5786 – e107 < 0.75 - 'e107language_e107cookie' Local File Inclusion
https://notcve.org/view.php?id=CVE-2006-5786
07 Nov 2006 — Directory traversal vulnerability in class2.php in e107 0.7.5 and earlier allows remote attackers to read and execute PHP code in arbitrary files via ".." sequences in the e107language_e107cookie cookie to gsitemap.php. Vulnerabilidad de salto de directorio en class2.php en e107 0.7.5 y anteriores permite a atacantes remotos leer y ejecutar código PHP en ficheros de su elección mediante secuencias ".." en la cookie e107language_e107cookie a gsitemap.php. • https://www.exploit-db.com/exploits/2711 •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 11CVE-2006-4794 – e107 website system 0.7.5 - 'admin.php?Query String (PATH_INFO)' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-4794
14 Sep 2006 — Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the query string (PATH_INFO) in (1) contact.php, (2) download.php, (3) admin.php, (4) fpw.php, (5) news.php, (6) search.php, (7) signup.php, (8) submitnews.php, and (9) user.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) permiten a atac... • https://www.exploit-db.com/exploits/28547 •
CVSS: 8.8EPSS: 0%CPEs: 47EXPL: 0CVE-2006-4757
https://notcve.org/view.php?id=CVE-2006-4757
13 Sep 2006 — Multiple SQL injection vulnerabilities in the admin section in e107 0.7.5 allow remote authenticated administrative users to execute arbitrary SQL commands via the (1) linkopentype, (2) linkrender, (3) link_class, and (4) link_id parameters in (a) links.php; the (5) searchquery parameter in (b) users.php; and the (6) download_category_class parameter in (c) download.php. NOTE: an e107 developer has disputed the significance of the vulnerability, stating that "If your admins are injecting you, you might want... • http://e107.org/e107_plugins/bugtrack/bugtrack.php?id=3195&action=show •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1CVE-2006-4548
https://notcve.org/view.php?id=CVE-2006-4548
06 Sep 2006 — e107 0.75 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code via the tinyMCE_imglib_include image/jpeg parameter in e107_handlers/tiny_mce/plugins/ibrowser/ibrowser.php, as demonstrated by a multipart/form-data request. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix s... • http://retrogod.altervista.org/e107_075_xpl.html •
CVSS: 6.1EPSS: 6%CPEs: 47EXPL: 4CVE-2006-3259 – e107 0.7.5 - 'search.php' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-3259
27 Jun 2006 — Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) ep parameter to search.php and the (2) subject parameter in comment.php (aka the Subject field when posting a comment). Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en e107 v0.7.5, permiten a atacantes remotos inyectar secuencias de comandos Web o HTML de su elección a través de (1) el parámetro ep en search.php y (2) el par... • https://www.exploit-db.com/exploits/28063 •