Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2011-15133

Vulnerability Summary

Core Security Technologies Advisory - When the install script for e107 CMS has not been removed, an attacker can "reinstall" the application using arbitrary parameters. If the attacker puts a valid MySql server followed a semicolon and PHP code, this will be executed when the config file gets requested. This parameters are stored in the config file "e107_config.php". Version 0.7.24 is affected.

Exploits

Exploit DB: Core Security Technologies Advisory 2011.0810
Core Security Technologies Advisory - When the install script for e107 CMS has not been removed, an attacker can "reinstall" the application using arbitrary parameters If the attacker puts a valid MySql server followed a semicolon and PHP code, this will be executed when the config file gets requested This parameters are stored in the config file ...

References

https://packetstormsecurity.com/files/106158/Core-Security-Technologies-Advisory-2011.0810.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761command injectionCVE-2024-3676IDORCVE-2024-30039CVE-2024-32113CVE-2024-30049CVE-2024-4776SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook