Description

e107_admin/banlist.php in e107 2.1.8 allows SQL injection via the old_ip parameter.

Remediation

References

CVE-2018-16389

Related Vulnerabilities

Oracle Application Server CVE-2006-5364 Vulnerability (CVE-2006-5364)

Rukovoditel Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11818)

Lighttpd Cryptographic Issues Vulnerability (CVE-2013-1427)

WordPress Plugin WooCommerce Cart Expiration PHP Object Injection (0.1.0)

WordPress Plugin EELV Newsletter Multiple Vulnerabilities (4.6)

Severity

Medium

Classification

CVE-2018-16389 CWE-138 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Tags

Missing Update Known Vulnerabilities