exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 100 RSS Feed

Files

e107v06Vote.txt
Posted Dec 7, 2005
Authored by Marc Ruef | Site scip.ch

e107 version 0.6 is susceptible to a voting manipulation flaw in rate.php.

tags | advisory, php
SHA-256 | 95e0984c729ea5ba5d733100805fd95305beec52393b661132040af4778c98bb

Related Files

e107 0.7.25 Cross Site Request Forgery
Posted Apr 7, 2011
Authored by AutoSec Tools | Site autosectools.com

A cross site request forgery vulnerability in e107 version 0.7.25 can be exploited to grant admin privileges.

tags | exploit, csrf
SHA-256 | 63cb6ca823beffb1db021f387a72de0cdc5f339f33eb80b38b7c32801ec531fb
e107 0.7.23 SQL Injection
Posted Sep 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

e107 version 0.7.23 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 828584f023f7a32cf3f7faae0c121d08bd38fc282cef540e2b99bfc7931cf160
Secunia Security Advisory 41597
Posted Sep 27, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in e107, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | a721e12df11d390bec5e704b0d8c309fb12dc4357ff88085de6155c6255db367
e107 0.7.23 SQL Injection
Posted Sep 21, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

e107 version 0.7.23 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 2153a7a292547e7be2a5e14f91d61548b9533cfc29cbe79a79406a848d0ce368
Secunia Security Advisory 41494
Posted Sep 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been discovered in e107, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | afe842b9878328677e62df8c229f0f520c06443b4eb80d12d3500aab1537f39f
Secunia Security Advisory 41034
Posted Aug 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Justin Klein Keane has reported some vulnerabilities in e107, which can be exploited by malicious people to conduct script insertion and cross-site request forgery attacks.

tags | advisory, vulnerability, csrf
SHA-256 | 4e06bde1bdd3d0d7ef8a343fafcaef84fee85f9d48b49e2738e3aeb9d193e6a7
E107 Cross Site Scripting / Cross Site Request Forgery
Posted Aug 24, 2010
Authored by Justin C. Klein Keane

e107 version 0.7.22 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, csrf
SHA-256 | 18d87a1b6633c7641658c0f1c3580accf0a28d401bcf0ac63de69bd33dc3896f
Persian E107 Cross Site Scripting
Posted Jun 2, 2010
Authored by indoushka

Persian E107 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6564df693ce56d5846c18375e27a12067b7df2eb80981393dabf369cb998d7bd
e107 0.7.21 Cross Site Scripting / Remote File Inclusion
Posted Jun 2, 2010
Authored by indoushka

e107 version 0.7.21 suffers from cross site scripting and remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, file inclusion
SHA-256 | f8b4d66de843d9ce7e1495e2fabc0e17eac81cea36043e2fa7a3f18a41ed1256
MOPS-2010-035 - e107 BBCode PHP Code Execution
Posted May 25, 2010
Authored by Stefan Esser | Site php-security.org

Month Of PHP Security - It was discovered that access control to the [php] bbcode which allows executing PHP code is wrongly implemented in e107. This allows unauthenticated users to execute arbitrary PHP code easily. e107 versions 0.7.20 and below are affected.

tags | exploit, arbitrary, php
SHA-256 | 9e5e13070e5b1bbb208fabf81b566739464738bffb9c5bb3ff0a0421519c348e
MOPS-2010-031 - e107 SQL Injection
Posted May 25, 2010
Authored by Stefan Esser | Site php-security.org

Month Of PHP Security - An SQL Injection vulnerability was discovered in the user settings dialog of e107 that allows any user to become an admin easily. Versions 0.7.20 and below are affected.

tags | exploit, php, sql injection
SHA-256 | 7764fa816c681b9e1f35443ed5a5834ca32d0cf19952369802e37f00f1158457
e107 Code Execution
Posted May 25, 2010
Authored by McFly

e107 remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | d2271344d5cf5d94efc3503cc0a64e4494a69d740cc7827ec217430cd57fcdf4
Secunia Security Advisory 39498
Posted Apr 21, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in e107, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 31e7f0d97710dad8c3d335f0df946da8004a0f9158dfaeb6b53b0239ad0c8c70
e107 0.7.19 Source IP Address Spoof
Posted Apr 21, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

e107 version 0.7.19 logs the X-Forwarded-For: IP address as the source allowing for manipulation of the logs.

tags | exploit
SHA-256 | 82453c49daa5a3b968b1862382c94a299d31e5861a257fe10dcad4612a8a8882
e107 0.7.19 Cross Site Request Forgery
Posted Apr 20, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

e107 version 0.7.19 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 27b520286f1e9a6ab8b67aed91a0b309ef5f8f525c0e206c4317a9df6f7f70b4
Secunia Security Advisory 39013
Posted Apr 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in e107, which can be exploited by malicious users to conduct script insertion attacks or to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 49123e7fcfbdcd34b94ca961d9f0a69034aea1dae73cf1ad362a5eb21c9371fc
e107 Avatar/Photograph Image File Upload
Posted Apr 20, 2010
Site secunia.com

Secunia Research has discovered a vulnerability in e107, which can be exploited by malicious users to compromise a vulnerable system. An error exists in the handling of file uploads for avatar and photograph images. This can be exploited to upload and execute arbitrary PHP code via a specially crafted image file with a ".php.filetypesphp" extension. Successful exploitation requires that "Public Uploads" are disabled (default), but uploads for avatar or photograph images for users are enabled, and a certain server configuration (e.g. an Apache server with the "mod_mime" module installed).e107 version 0.7.19 is affected.

tags | advisory, arbitrary, php, file upload
advisories | CVE-2010-0996
SHA-256 | 45428821d57d683fe1349074f3b121de28a05956ea85e81aa8b952bc93652c39
e107 Content Management Plugin Script Insertion
Posted Apr 19, 2010
Site secunia.com

Secunia Research has discovered a vulnerability in e107, which can be exploited by malicious users to conduct script insertion attacks. Input passed via the "content_heading" parameter to 107_plugins/content/content_manager.php while creating new content is not properly sanitized before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires authentication and that the Content Management plugin is enabled. e107 version 0.7.19 is affected.

tags | advisory, arbitrary, php
advisories | CVE-2010-0997
SHA-256 | 9e5427a42ec609184b91c787aba776dfd53753bbf2594f58df51f916c1df2df2
Secunia Security Advisory 38330
Posted Jan 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in e107, which can potentially be exploited to compromise a vulnerable system.

tags | advisory
SHA-256 | 785a98a49cb5484331a7f0eecadf8992fba8a0a28fad233b7c2ea10ac1e2fc37
e107 SQL Injection / Cross Site Scripting
Posted Nov 23, 2009
Authored by SVRT | Site security.bkis.vn

e107 versions 0.7.16 and below suffer from cross site scripting and SQL injection vulnerabilities.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | b5a1b182556ef4eefffabe1f32b4551ce30084ff37aa878c82cac82d6fa64ed4
E107 eCaptcha Cross Site Scripting
Posted Sep 29, 2009
Authored by MustLive

The E107 eCaptcha plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ce9b99226830c2e16bbd2cbe66a2246d99e928fdce2ecf419bc3fe81294b059b
Secunia Security Advisory 36832
Posted Sep 25, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MustLive has discovered a vulnerability in e107, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 61ef115d98de2c53387030ebb1c6c0e43b0ab63e4cb2a442a16860e7422b48bb
E107 Referer Cross Site Scripting
Posted Sep 24, 2009
Authored by MustLive

E107 suffers from a referer header cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | bc15dba228664889a433738765ce808c046107fd905482adc8d3771ab1e526ce
e107 my_gallery 2.4.1 File Disclosure
Posted Jul 23, 2009
Authored by Vrs-hCk

The my_gallery version 2.4.1 plugin for e107 suffers from a local file disclosure vulnerability in readfile().

tags | exploit, local, info disclosure
SHA-256 | cfc848134d90297d8b1e87adcfb56229a852765353221339c2b362ae6383cdcd
Secunia Security Advisory 34823
Posted Apr 21, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in e107, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | dfa16dc5a83b5fabcc0c3dcd811a6688de4612772fce62b28ffd6c7f993c35a9
Page 2 of 4
Back1234Next

File Archive:

June 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    18 Files
  • 2
    Jun 2nd
    13 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close