Cross-Site Scripting Vulnerability in e107 by e107 Inc.
CVE-2015-1041

Currently unrated

Key Information:

Vendor

E107

Status
E107
Vendor
CVE Published:
15 January 2015

What is CVE-2015-1041?

The e107 content management system version 1.0.4 contains a Cross-Site Scripting (XSS) vulnerability in the filemanager.php file. This flaw allows remote attackers to inject arbitrary web scripts or HTML through the e107_files/ file path within the QUERY_STRING. Exploiting this vulnerability could enable attackers to execute malicious scripts in the context of a user's session, potentially leading to data theft or further exploitation of the application.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://sroesemann.blogspot.de/2015/01/report-for-advisory...
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/99898
vdb-entryx_refsource_XF
https://github.com/e107inc/e107v1/issues/2
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.