Known Vulnerabilities for E107 Cms by E107
Listed below are 2 of the newest known vulnerabilities associated with "E107 Cms" by "E107".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-46620 json | e107 is a content management system (CMS). Prior to 2.3.5, e107 CMS does not properly enforce CSRF token validation on commen... | Not Provided | 2026-05-26 | 2026-05-27 |
| CVE-2026-43936 json | e107 is a content management system (CMS). Prior to 2.3.4, you can access the local environment by specifying the URL of the ... | Not Provided | 2026-05-26 | 2026-05-26 |
| CVE-2026-43935 json | e107 is a content management system (CMS). Prior to 2.3.4, a Host Header Injection vulnerability in the password reset page a... | Not Provided | 2026-05-26 | 2026-05-26 |
| CVE-2026-43934 json | e107 is a content management system (CMS). Prior to 2.3.4, a Broken Access Control vulnerability exists in the application, a... | Not Provided | 2026-05-26 | 2026-05-26 |
| CVE-2023-43874 json | Multiple Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a... | 5.4 - MEDIUM | 2023-09-28 | 2023-09-29 |
| CVE-2023-43873 json | A Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafte... | 5.4 - MEDIUM | 2023-09-28 | 2023-09-29 |
| CVE-2021-47937 json | e107 CMS 2.3.0 contains a remote code execution vulnerability that allows authenticated users with theme installation permiss... | 5.4 - MEDIUM | 2026-05-10 | 2026-05-12 |