Description

SQL injection vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote attackers to execute arbitrary SQL commands via the user_field parameter.

Remediation

References

CVE-2011-4946

Related Vulnerabilities

SharePoint CVE-2024-32987 Vulnerability (CVE-2024-32987)

WordPress 3.1 Multiple Vulnerabilities (0.7 - 3.1)

WordPress Plugin JC Coupon Cross-Site Scripting (2.5)

SharePoint CVE-2020-1181 Vulnerability (CVE-2020-1181)

Roundcube Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-4076)

Severity

Medium

Classification

CVE-2011-4946 CWE-138

Tags

Missing Update Known Vulnerabilities