This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:e107:e107:0.553:beta |
| Detail | |||
|---|---|---|---|
| Vendor | e107 | First view | 2010-04-20 |
| Product | e107 | Last view | 2012-02-14 |
| Version | 0.553 | Type | Application |
| Edition | |||
| Language | |||
| Update | beta | ||
| CPE Product | cpe:/a:e107:e107 | ||
Activity : Yearly
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 6 | 2012-02-14 | CVE-2010-5084 | Network | Medium | Requires ... | |
| 7.5 | 2011-11-04 | CVE-2011-1513 | Network | Low | None Requ... | |
| 4.3 | 2011-03-15 | CVE-2011-0457 | Network | Medium | None Requ... | |
| 4.3 | 2011-03-15 | CVE-2010-4757 | Network | Medium | None Requ... | |
| 7.5 | 2010-05-27 | CVE-2010-2099 | Network | Low | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 7.5 | 2010-05-27 | CVE-2010-2098 | Network | Low | None Requ... | |
| 6 | 2010-04-20 | CVE-2010-0996 | Network | Medium | Requires ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 40% (2) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 20% (1) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 20% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
| 20% (1) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 77042 | e107 CMS install_.php MySQL Server Name Parsing Remote PHP Code Execution |
| 67367 | e107 submitnews.php submitnews_title Parameter XSS |
| 65243 | e107 bbcode/php.bb Access Control Check Weakness Arbitrary PHP Code Execution |
| 65056 | e107 usersettings.php loginname Parameter Blacklist Weakness SQL Injection |
| 63910 | e107 Crafted .php.filetypesphp Image File Upload Arbitrary PHP Code Execution |
