Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4921

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2011-4921
Last Modified 11 Oct 2012 11:22:53
Published 04 Jan 2012 02:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2011-4921

Summary

SQL injection vulnerability in usersettings.php in e107 0.7.26, and possibly other versions before 1.0.0, allows remote attackers to execute arbitrary SQL commands via the username parameter.

Vulnerable Systems

Application

  • E107 0.7.26


References

XF - e107inc-usersettings-sql-injection(72011)

SECUNIA - 46706

OSVDB - 78050

MLIST - [oss-security] 20120104 Re: CVE-request: Multiple e107 vulnerabilities

BID - 51253


Last Updated: 27 May 2016 10:58:19