E107codersCVEs & Vulnerabilities
2 CVEs affecting E107coders products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
2 CVEs→ All vendors
Most Affected Products
e107 blog engine 1macguru blog engine plugin 1
CVE-2008-6438HIGHpoc
SQL injection vulnerability in macgurublog_menu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected.
6 Mar 2009
7.5
CVSS
CVE-2008-2455HIGHpoc
SQL injection vulnerability in comment.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the rid parameter.
27 May 2008
7.5
CVSS
← PrevPage 1 / 1Next →