FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a4746a86-4c89-11df-83fb-0015587e2cc1e107 -- code execution and XSS vulnerabilities

Secunia Research reported two vulnerabilities in e107:

The first problem affects installations that have the Content Manager plugin enabled. This plugin does not sanitize the "content_heading" parameter correctly and is therefore vulnerable to a cross site scripting attack.

The second vulnerability is related to the avatar upload functionality. Images containing PHP code can be uploaded and executed.


Discovery 2010-04-15
Entry 2010-04-20
e107
< 0.7.20

39540
CVE-2010-0996
CVE-2010-0997
ports/145885
http://e107.org/comment.php?comment.news.864
http://secunia.com/secunia_research/2010-43/
http://secunia.com/secunia_research/2010-44/
http://xforce.iss.net/xforce/xfdb/57932