Description
Cross-site scripting (XSS) vulnerability in e107_admin/filemanager.php in e107 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the e107_files/ file path in the QUERY_STRING.
Remediation
References
Related Vulnerabilities
WordPress Plugin Yet Another Photoblog Unspecified Vulnerability (1.10.6)
WordPress Plugin WP-T-Wap Cross-Site Scripting (1.13.2)
WordPress Plugin Icon Widget Cross-Site Scripting (1.2.6)
WordPress Plugin Easy PayPal Events Unspecified Vulnerability (1.1.6)
WordPress Plugin WP User Frontend Arbitrary File Upload (2.3.10)