WEB APPLICATION VULNERABILITIES Standard & Premium

e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-11127)

Description

e107 2.1.7 has CSRF resulting in arbitrary user deletion.

Remediation

References

Related Vulnerabilities

MySQL Other Vulnerability (CVE-2002-1376)

Joomla! Core Security Bypass (1.6.0 - 3.9.24)

Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.7)

WordPress Plugin 5gig Concerts Unspecified Vulnerability (1.0)

WordPress Plugin SpiderCatalog 's_p_c_t' Parameter Multiple Cross-Site Scripting Vulnerabilities (1.1)

Severity

Medium

Classification

CVE-2018-11127 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities