Description
Incomplete blacklist vulnerability in usersettings.php in e107 0.7.20 and earlier allows remote attackers to conduct SQL injection attacks via the loginname parameter.
Remediation
References
Related Vulnerabilities
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2018-1318)
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-31779)
WordPress Plugin BackupBuddy Arbitrary File Download (8.7.4.1)
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11069)
Joomla! Core 3.x.x Cross-Site Request Forgery (3.7.0 - 3.9.18)