CVE-2009-3444
e107 < 0.7.16 - Cross-Site Scripting via HTTP Referer Header
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2009-3444. PoCs published by MustLive.
AI-analyzed exploit summary This is a writeup describing a Cross-Site Scripting (XSS) vulnerability in E107 versions 0.7.16 and earlier. The vulnerability is triggered via the Referer header, allowing arbitrary JavaScript execution.
Description
Cross-site scripting (XSS) vulnerability in email.php in e107 0.7.16 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header in a news.1 (aka news to email) action.
Exploits (1)
This is a writeup describing a Cross-Site Scripting (XSS) vulnerability in E107 versions 0.7.16 and earlier. The vulnerability is triggered via the Referer header, allowing arbitrary JavaScript execution.