Description

Multiple SQL injection vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary SQL code and gain sensitive information via (1) content parameter to content.php, (2) content_id parameter to content.php, or (3) list parameter to news.php.

Remediation

References

CVE-2004-2042

Related Vulnerabilities

WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.11)

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3747)

WordPress Plugin Faster and Easier scroll to Top for WordPress-Smart Scroll to Top Lite includes Backdoor [Only if downloaded via the vendor website] (1.0.3)

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-2607)

MySQL CVE-2022-21278 Vulnerability (CVE-2022-21278)

Severity

High

Classification

CVE-2004-2042

Tags

Missing Update Known Vulnerabilities