WEB APPLICATION VULNERABILITIES Standard & Premium

e107 Other Vulnerability (CVE-2004-2042)

Description

Multiple SQL injection vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary SQL code and gain sensitive information via (1) content parameter to content.php, (2) content_id parameter to content.php, or (3) list parameter to news.php.

Remediation

References

Related Vulnerabilities

PrestaShop URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-5270)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3394)

Joomla! Core 3.x.x Cross-Site Scripting (3.1.0 - 3.9.23)

Drupal Core 7.x Open Redirect (7.0 - 7.40)

WordPress Plugin Flip Book 'php.php' Arbitrary File Upload (1.0)

Severity

High

Classification

Tags

Missing Update Known Vulnerabilities