| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2004-2039 | 5.0 |
e107 0.615 allows remote attackers to obtain sensitive information via a direct request to (1) alt_news.php, (2) backend_menu.php, (3) clock_menu.php, (4) counter_menu.php, (5) login_menu.php, and other files, which reveal the full path in a PHP erro
|
11-07-2017 - 01:31 | 29-05-2004 - 04:00 | |
| CVE-2004-2041 | 7.5 |
PHP remote file inclusion vulnerability in secure_img_render.php in e107 0.615 allows remote attackers to execute arbitrary PHP code by modifying the p parameter to reference a URL on a remote web server that contains the code.
|
11-07-2017 - 01:31 | 29-05-2004 - 04:00 | |
| CVE-2004-2042 | 7.5 |
Multiple SQL injection vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary SQL code and gain sensitive information via (1) content parameter to content.php, (2) content_id parameter to content.php, or (3) list parameter to news.p
|
11-07-2017 - 01:31 | 29-05-2004 - 04:00 | |
| CVE-2004-2040 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary web script or HTML via the (1) LAN_407 parameter to clock_menu.php, (2) "email article to a friend" field, (3) "submit news" field, or (4) av
|
11-07-2017 - 01:31 | 29-05-2004 - 04:00 |