Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 4 Jan 2012 00:04:27 +0200
From: Henri Salo <>
Subject: CVE-request: Multiple e107 vulnerabilities

1) Multiple Script URI XSS

2) e107_admin/users.php resend_name Parameter XSS

3) User Signatures link BBCode XSS

4) usersettings.php username Parameter SQL Injection

Secunia advisory:

I do not know where to find SCM links. Secunia can probably help if needed.

- Henri Salo

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.