Shodan
Vulnerabilities
Vulnerable Software
E107:  >> E107  >> 5.3_beta2  Security Vulnerabilities
CVE-2009-1409
SQL injection vulnerability in usersettings.php in e107 0.7.15 and earlier, when "Extended User Fields" is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hide parameter, a different vector than CVE-2005-4224 and CVE-2008-5320.
CVSS Score
5.1
EPSS Score
0.002
Published
2009-04-24
CVE-2008-5320
SQL injection vulnerability in usersettings.php in e107 0.7.13 and earlier allows remote authenticated users to execute arbitrary SQL commands via the ue[] parameter.
CVSS Score
6.5
EPSS Score
0.003
Published
2008-12-03
CVE-2006-0682
Multiple cross-site scripting (XSS) vulnerabilities in bbcodes system in e107 before 0.7.2 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
CVSS Score
4.3
EPSS Score
0.004
Published
2006-02-15
CVE-2005-2327
Cross-site scripting (XSS) vulnerability in e107 0.617 and earlier allows remote attackers to inject arbitrary web script or HTML via nested [url] BBCode tags.
CVSS Score
4.3
EPSS Score
0.004
Published
2005-07-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved