CVE-2011-4921

CVE-2011-4921

EPSS 1.1%

SQL injection vulnerability in usersettings.php in e107 0.7.26, and possibly other versions before 1.0.0, allows remote attackers to execute arbitrary SQL commands via the username parameter.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://osvdb.org/78050 http://secunia.com/advisories/46706 https://exchange.xforce.ibmcloud.com/vulnerabilities/72011 http://www.openwall.com/lists/oss-security/2012/01/04/3 http://www.securityfocus.com/bid/51253