Description

SQL injection vulnerability in usersettings.php in e107 0.7.13 and earlier allows remote authenticated users to execute arbitrary SQL commands via the ue[] parameter.

Remediation

References

CVE-2008-5320

Related Vulnerabilities

WordPress Plugin WP Js External Link Info Open Redirect (1.21)

WordPress Plugin Craw Data Server-Side Request Forgery (1.0.0)

GeoServer Other Vulnerability (CVE-2024-23634)

WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.28)

WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Unspecified Vulnerability (3.1.6)

Severity

Medium

Classification

CVE-2008-5320 CWE-138

Tags

Missing Update Known Vulnerabilities