SQL injection vulnerability in resetcore.php in e107 0.617 up to and including 0.6173 allows remote malicious users to execute arbitrary SQL commands, bypass authentication, and inject HTML or script via the (1) a_name parameter or (2) user field of the login page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
e107 e107 0.6172 |
||
e107 e107 0.617 |
||
e107 e107 0.6171 |