E107 CVEs and Security Vulnerabilities

Filtered by vendor E107 Subscriptions

Filtered by product E107 Subscriptions

Switch to Advanced Search (Beta)

Total 83 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2018-11734	1 E107	1 E107	2024-11-21	N/A
In e107 v2.1.7, output without filtering results in XSS.
CVE-2018-11127	1 E107	1 E107	2024-11-21	N/A
e107 2.1.7 has CSRF resulting in arbitrary user deletion.
CVE-2016-10753	1 E107	1 E107	2024-11-21	N/A
e107 2.1.2 allows PHP Object Injection with resultant SQL injection, because usersettings.php uses unserialize without an HMAC.

« first previous Page 5 of 5.