PT-2005-4787 · E107 · E107

Marc Ruef +1 · Published 2005-12-07 · Updated 2018-10-19 · CVE-2005-4052

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

e107 version 0.6174

Description

The issue allows remote attackers to redirect users to other web sites via the download parameter in "rate.php". This occurs after a user submits a file download rating. By default, the e_BASE variable restricts the redirection to the same web site.

Recommendations

For e107 version 0.6174, consider restricting access to the "rate.php" file or validating the download parameter to prevent unauthorized redirects. As a temporary workaround, restrict the e_BASE variable to limit redirections to the same web site.

Related Identifiers

CVE-2005-4052

Affected Products

E107