Description

Multiple cross-site scripting (XSS) vulnerabilities in bbcodes system in e107 before 0.7.2 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

Remediation

References

CVE-2006-0682

Related Vulnerabilities

Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-6270)

WordPress Plugin CM Download Manager Code Injection (2.0.3)

WordPress Plugin WPCOM Member Malicious Code (1.3.16)

PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2007-4652)

ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-1499)

Severity

Medium

Classification

CVE-2006-0682

Tags

Missing Update Known Vulnerabilities