FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-18 05:51:40 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a4746a86-4c89-11df-83fb-0015587e2cc1	e107 -- code execution and XSS vulnerabilities Secunia Research reported two vulnerabilities in e107: The first problem affects installations that have the Content Manager plugin enabled. This plugin does not sanitize the "content_heading" parameter correctly and is therefore vulnerable to a cross site scripting attack. The second vulnerability is related to the avatar upload functionality. Images containing PHP code can be uploaded and executed. Discovery 2010-04-15 Entry 2010-04-20 e107 < 0.7.20 39540 CVE-2010-0996 CVE-2010-0997 ports/145885 http://e107.org/comment.php?comment.news.864 http://secunia.com/secunia_research/2010-43/ http://secunia.com/secunia_research/2010-44/ http://xforce.iss.net/xforce/xfdb/57932

VuXML ID

Description

a4746a86-4c89-11df-83fb-0015587e2cc1

e107 -- code execution and XSS vulnerabilities

Secunia Research reported two vulnerabilities in e107:

The first problem affects installations that have the Content Manager plugin enabled. This plugin does not sanitize the "content_heading" parameter correctly and is therefore vulnerable to a cross site scripting attack.

The second vulnerability is related to the avatar upload functionality. Images containing PHP code can be uploaded and executed.

Discovery 2010-04-15
Entry 2010-04-20
e107

< 0.7.20

39540
CVE-2010-0996
CVE-2010-0997
ports/145885
http://e107.org/comment.php?comment.news.864
http://secunia.com/secunia_research/2010-43/
http://secunia.com/secunia_research/2010-44/
http://xforce.iss.net/xforce/xfdb/57932