This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Secunia Research reported two vulnerabilities in e107 :
The first problem affects installations that have the Content Manager
plugin enabled. This plugin does not sanitize the 'content_heading'
parameter correctly and is therefore vulnerable to a cross site
The second vulnerability is related to the avatar upload
functionality. Images containing PHP code can be uploaded and
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 6.0
CVSS Temporal Score : 5.0
Public Exploit Available : true
Family: FreeBSD Local Security Checks
Nessus Plugin ID: 45586 (freebsd_pkg_a4746a864c8911df83fb0015587e2cc1.nasl)
Bugtraq ID: 39540
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now