FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

e107 -- code execution and XSS vulnerabilities

Affected packages
e107 < 0.7.20

Details

VuXML ID a4746a86-4c89-11df-83fb-0015587e2cc1
Discovery 2010-04-15
Entry 2010-04-20

Secunia Research reported two vulnerabilities in e107:

The first problem affects installations that have the Content Manager plugin enabled. This plugin does not sanitize the "content_heading" parameter correctly and is therefore vulnerable to a cross-site scripting attack.

The second vulnerability is related to the avatar upload functionality. Images containing PHP code can be uploaded and executed.
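The defensive counterparts of the two issues above, added here as an example and not taken from e107 or the advisory; the function names, the `$avatarDir` parameter and the surrounding handler are hypothetical:

```php
<?php
// Added example, not e107's own code. Two hypothetical handlers showing the
// mitigations the advisory implies: output-escaping the content_heading
// parameter, and validating avatar uploads so that a file carrying PHP code
// is never stored under an executable name.

// Escape user-controlled text before it is rendered into HTML.
function render_content_heading(string $heading): string
{
    return '<h2>' . htmlspecialchars($heading, ENT_QUOTES | ENT_HTML5, 'UTF-8') . '</h2>';
}

// Accept an uploaded avatar only if it parses as a real image, re-encode it
// with GD, and store it under a random name with a fixed extension.
// Returns the stored path, or null when the upload is rejected.
function store_avatar(array $file, string $avatarDir): ?string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        return null;
    }
    // getimagesize() inspects the file header, not the client-supplied
    // filename or Content-Type, which the attacker controls.
    $info = @getimagesize($file['tmp_name']);
    if ($info === false) {
        return null;
    }
    switch ($info[2]) {
        case IMAGETYPE_PNG:  $img = @imagecreatefrompng($file['tmp_name']);  $ext = 'png'; break;
        case IMAGETYPE_JPEG: $img = @imagecreatefromjpeg($file['tmp_name']); $ext = 'jpg'; break;
        case IMAGETYPE_GIF:  $img = @imagecreatefromgif($file['tmp_name']);  $ext = 'gif'; break;
        default:             return null;
    }
    if ($img === false) {
        return null;
    }
    // Server-chosen name and extension: an upload named "x.php" or
    // "x.php.jpg" cannot land on disk as something the server will execute.
    $dest = rtrim($avatarDir, '/') . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
    // Re-encoding drops comments, EXIF and trailing bytes where a PHP
    // payload could hide inside an otherwise valid image.
    $ok = match ($ext) {
        'png' => imagepng($img, $dest),
        'jpg' => imagejpeg($img, $dest, 90),
        'gif' => imagegif($img, $dest),
    };
    imagedestroy($img);
    return $ok ? $dest : null;
}
```

The renaming is the primary control; re-encoding is defence in depth, so the avatar directory should additionally be configured so the web server never executes PHP from it.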

References

Bugtraq ID 39540
CVE Name CVE-2010-0996
CVE Name CVE-2010-0997
FreeBSD PR ports/145885
URL http://e107.org/comment.php?comment.news.864
URL http://secunia.com/secunia_research/2010-43/
URL http://secunia.com/secunia_research/2010-44/
URL http://xforce.iss.net/xforce/xfdb/57932