4.3

CVE-2006-4794

Exploit
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the query string (PATH_INFO) in (1) contact.php, (2) download.php, (3) admin.php, (4) fpw.php, (5) news.php, (6) search.php, (7) signup.php, (8) submitnews.php, and (9) user.php.  NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
E107E107 Version0.7.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.59% 0.904
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.osvdb.org/30979
http://www.osvdb.org/30980
http://www.osvdb.org/30981
http://www.osvdb.org/30982
http://www.osvdb.org/30983
http://www.osvdb.org/30984
http://www.osvdb.org/30985
http://www.osvdb.org/30986
http://www.osvdb.org/30987
http://www.securityfocus.com/bid/19997
Exploit
http://www.securityfocus.com/data/vulnerabilities/exploits/19997.html
Exploit