Description
e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators.
Remediation
References
Related Vulnerabilities
PostgreSQL Numeric Errors Vulnerability (CVE-2007-6067)
Apache Tomcat Other Vulnerability (CVE-2006-7195)
PHP Resource Management Errors Vulnerability (CVE-2010-2225)
MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-2922)
Oracle Database Server CVE-2011-0877 Vulnerability (CVE-2011-0877)