Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 9 Jan 2015 18:48:12 +0100
From: Steffen Rösemann <>
Subject: CVE Request -- CMS e107 v.1.0.4 -- Reflecting XSS vulnerability in
 filemanager functionality

Hi Josh, Steve, vendors, list.

I found a reflecting XSS vulnerability in the filemanager functionality in
the administrative backend of CMS e107 v.1.0.4.

It can be exploited by an attacker like in the following example:

88, 83, 83,

Could you please assign a CVE-ID for it?

Thank you!


Steffen Rösemann



Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ