Description
Cross-site scripting (XSS) vulnerability in e107_admin/filemanager.php in e107 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the e107_files/ file path in the QUERY_STRING.
Remediation
References
Related Vulnerabilities
WordPress Plugin iThemes Exchange:Simple WP Ecommerce Cross-Site Scripting (1.11.18)
WordPress Plugin Last.fm Rotation Local File Inclusion (1.0)
Python Inefficient Regular Expression Complexity Vulnerability (CVE-2024-7592)
WordPress Plugin eShop Multiple Vulnerabilities (6.3.13)
WordPress Plugin Lightbox Multiple Unspecified Vulnerabilities (2.0.7)