CyberSec.Space Logo
Back to CVE Browser

CVE-2005-1966

HIGH
7.5
CVSS Severity Score
EPSS Score0.0210%
EPSS Percentile13.15th
PublishedJun 10, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

The eTrace_validaddr function in eTrace plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the etrace_host parameter.

Affected Platforms (CPE)

πŸ“¦
E107

E107

= 1.0.1

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=111868460811287&w=2
πŸ”— http://www.securityfocus.com/bid/13934
πŸ”— http://marc.info/?l=bugtraq&m=111868460811287&w=2
πŸ”— http://www.securityfocus.com/bid/13934

Related Vulnerabilities

CVE-2008-198910.0

PHP remote file inclusion vulnerability in 123flashchat.php in the 123 Flash Chat 6.8.0 module for e107, when register_globals is ...

CVE-2018-159018.8

e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators.

CVE-2021-278858.8

usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protection mechanism.

CVE-2021-479378.8

e107 CMS 2.3.0 contains a remote code execution vulnerability that allows authenticated users with theme installation permissions ...