Описание
Incomplete blacklist vulnerability in usersettings.php in e107 0.7.20 and earlier allows remote attackers to conduct SQL injection attacks via the loginname parameter.
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия до 0.7.20 (включая)
Одно из
cpe:2.3:a:e107:e107:*:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.6_10:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.6_11:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.6_12:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.6_13:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.6_14:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.6_15:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.6_15a:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.4:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.5:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.6:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.7:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.8:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.9:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.10:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.11:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.12:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.13:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.14:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.15:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.16:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.17:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.18:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.19:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.545:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.547:beta:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.548:beta:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.549:beta:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.551:beta:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.552:beta:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.553:beta:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.554:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.554:beta:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.555:beta:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.600:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.601:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.602:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.603:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.604:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.605:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.606:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.607:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.608:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.609:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.610:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.611:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.612:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.613:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.614:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.615:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.615a:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.616:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.617:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.6171:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.6172:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.6173:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.6174:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.6175:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00517
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Incomplete blacklist vulnerability in usersettings.php in e107 0.7.20 and earlier allows remote attackers to conduct SQL injection attacks via the loginname parameter.
EPSS
Процентиль: 66%
0.00517
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other