Description
Cross-site scripting (XSS) vulnerability in e107_admin/filemanager.php in e107 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the e107_files/ file path in the QUERY_STRING.
Remediation
References
Related Vulnerabilities
Apache HTTP Server Other Vulnerability (CVE-2002-0843)
WordPress Plugin Contus HD FLV Player 'uploadVideo.php' Arbitrary File Upload (1.7)
YOURLS Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2021-3734)
WordPress Plugin PHPFreeChat 'url' Parameter Cross-Site Scripting (0.2.8)
WordPress Plugin AskApache Firefox Adsense Cross-Site Request Forgery (3.0)