Description
SQL injection vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote attackers to execute arbitrary SQL commands via the user_field parameter.
Remediation
References
Related Vulnerabilities
Drupal Core 8.5.x Cross-Site Scripting (8.5.0 - 8.5.1)
MySQL CVE-2022-39404 Vulnerability (CVE-2022-39404)
WordPress Plugin LeadSnap PHP Object Injection (1.23)
Oracle Database Server Deserialization of Untrusted Data Vulnerability (CVE-2019-16942)
WordPress Plugin GNU-Mailman Integration Cross-Site Scripting (1.0.6)