Description
e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators.
Remediation
References
Related Vulnerabilities
PHP Improper Input Validation Vulnerability (CVE-2008-3660)
Serendipity Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8101)
WordPress Plugin Csv2WPeC Coupon Arbitrary File Upload (1.1)
Ruby on Rails Improper Input Validation Vulnerability (CVE-2010-3933)
WordPress Plugin Social Essentials-Social Stats and Sharing Buttons Cross-Site Scripting (1.3.1)