CVE-2011-4921

Опубликовано: 04 янв. 2012

Источник: nvd

CVSS2: 5.1

EPSS Низкий

Описание

SQL injection vulnerability in usersettings.php in e107 0.7.26, and possibly other versions before 1.0.0, allows remote attackers to execute arbitrary SQL commands via the username parameter.

Ссылки

http://osvdb.org/78050
http://secunia.com/advisories/46706
Vendor Advisory
http://www.openwall.com/lists/oss-security/2012/01/04/3
http://www.securityfocus.com/bid/51253
https://exchange.xforce.ibmcloud.com/vulnerabilities/72011
http://osvdb.org/78050
http://secunia.com/advisories/46706
Vendor Advisory
http://www.openwall.com/lists/oss-security/2012/01/04/3
http://www.securityfocus.com/bid/51253
https://exchange.xforce.ibmcloud.com/vulnerabilities/72011

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:e107:e107:0.7.26:*:*:*:*:*:*:*

EPSS

Процентиль: 63%

0.00458

Низкий

5.1 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-6jj8-63q6-89g6

github

больше 3 лет назад