This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:e107:e107:0.7.11
Detail
Vendore107First view 2008-04-29
Producte107Last view 2012-08-31
Version0.7.11TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:e107:e107

Activity : Yearly

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentification
6.82012-08-31CVE-2011-4947NetworkMediumNone Requ...
6.82012-08-31CVE-2011-4946NetworkMediumNone Requ...
62012-02-14CVE-2010-5084NetworkMediumRequires ...
7.52011-11-04CVE-2011-1513NetworkLowNone Requ...
4.32011-03-15CVE-2011-0457NetworkMediumNone Requ...
Hide | Show 12 More...
 DateAlertAccess VectorAccess ComplexityAuthentification
4.32011-03-15CVE-2010-4757NetworkMediumNone Requ...
7.52010-05-27CVE-2010-2099NetworkLowNone Requ...
7.52010-05-27CVE-2010-2098NetworkLowNone Requ...
3.52010-04-20CVE-2010-0997NetworkMediumRequires ...
62010-04-20CVE-2010-0996NetworkMediumRequires ...
7.52009-11-29CVE-2009-4084NetworkLowNone Requ...
4.32009-11-29CVE-2009-4083NetworkMediumNone Requ...
4.32009-09-28CVE-2009-3444NetworkMediumNone Requ...
5.12009-04-24CVE-2009-1409NetworkHighNone Requ...
4.32009-02-19CVE-2008-6208NetworkMediumNone Requ...
6.52008-12-03CVE-2008-5320NetworkLowRequires ...
6.82008-04-29CVE-2008-2020NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
40% (6)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
26% (4)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
13% (2)CWE-352Cross-Site Request Forgery (CSRF)
13% (2)CWE-264Permissions, Privileges, and Access Controls
6% (1)CWE-78Improper Sanitization of Special Elements used in an OS Command ('O...

CAPEC : Common Attack Pattern Enumeration & Classificatio

idName
CAPEC-59Session Credential Falsification through Prediction
CAPEC-112Brute Force
CAPEC-281Analytic Attacks

Open Source Vulnerability Database (OSVDB)

idDescription
77042e107 CMS install_.php MySQL Server Name Parsing Remote PHP Code Execution
67367e107 submitnews.php submitnews_title Parameter XSS
65243e107 bbcode/php.bb Access Control Check Weakness Arbitrary PHP Code Execution
65056e107 usersettings.php loginname Parameter Blacklist Weakness SQL Injection
63911e107 e107_plugins/content/content_manager.php content_heading Parameter XSS
Hide | Show 18 More...
idDescription
63910e107 Crafted .php.filetypesphp Image File Upload Arbitrary PHP Code Execution
60829e107 e107_admin/mailout.php Unspecified Parameter XSS
60828e107 e107_admin/links.php Unspecified Parameter XSS
60827e107 e107_admin/frontpage.php Unspecified Parameter XSS
60826e107 e107_admin/users_extended.php Unspecified Parameter XSS
60825e107 e107_admin/download.php Unspecified Parameter XSS
60824e107 e107_admin/cpage.php Unspecified Parameter XSS
60823e107 e107_admin/banner.php Unspecified Parameter XSS
60822e107 e107_admin/banlist.php Unspecified Parameter XSS
60821e107 e107_admin/newpost.php Unspecified Parameter XSS
60820e107 e107_admin/usersettings.php Unspecified Parameter XSS
60819e107 e107_admin/submitnews.php Unspecified Parameter XSS
60608e107 Search Feature Unspecified SQL Injection
58363e107 email.php HTTP Referer Header XSS
53812e107 usersettings.php hide Parameter SQL Injection
52406e107 submitnews.php Multiple Parameter XSS
49207e107 usersettings.php ue[] Array Parameter SQL Injection
44982PHP-Nuke CAPTCHA code_bg.jpg PHP ImageString Function Image Checksum Generati...

Milw0rm Exploits

idDescription
2009-04-20e107 <= 0.7.15 (extended_user_fields) Blind SQL Injection Exploit
2008-10-19e107 <= 0.7.13 (usersettings.php) Blind SQL Injection Exploit