QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2006-4794

Back to search

CVE-2006-4794

Published: Sep 14, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the query string (PATH_INFO) in (1) contact.php, (2) download.php, (3) admin.php, (4) fpw.php, (5) news.php, (6) search.php, (7) signup.php, (8) submitnews.php, and (9) user.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

VendorProductVersions

n/a

n/a

affected
n/a

References

30982
vdb-entry
x_refsource_OSVDB
30979
vdb-entry
x_refsource_OSVDB
30987
vdb-entry
x_refsource_OSVDB
30983
vdb-entry
x_refsource_OSVDB
30984
vdb-entry
x_refsource_OSVDB
30986
vdb-entry
x_refsource_OSVDB
30985
vdb-entry
x_refsource_OSVDB
19997
vdb-entry
x_refsource_BID
30981
vdb-entry
x_refsource_OSVDB
30980
vdb-entry
x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now