Description

Cross-site scripting (XSS) vulnerability in stats.php in e107 allows remote attackers to inject arbitrary web script or HTML via the referer parameter to log.php.

Remediation

References

CVE-2004-2028

Related Vulnerabilities

MySQL Other Vulnerability (CVE-2001-1274)

Squid Improper Input Validation Vulnerability (CVE-2014-0128)

WordPress Plugin WP Easy Gallery Multiple Unspecified Vulnerabilities (2.7)

Perl Integer Overflow or Wraparound Vulnerability (CVE-2020-10878)

WordPress Plugin Securimage-WP Cross-Site Scripting (3.2.4)

Severity

Medium

Classification

CVE-2004-2028

Tags

Missing Update Known Vulnerabilities