Description
SQL injection vulnerability in class2.php in e107 0.7.2 and earlier allows remote attackers to execute arbitrary SQL commands via a cookie as defined in $pref['cookie_name'].
Remediation
References
Related Vulnerabilities
Oracle Application Server Other Vulnerability (CVE-2002-0569)
Jenkins Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1000864)
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.34)
WordPress Plugin Ultimate WordPress Auction Multiple Vulnerabilities (4.0.5)
Oracle Database Server CVE-2015-4863 Vulnerability (CVE-2015-4863)