Vulnerability   
Search   
    Search 210752 CVE descriptions
and 93608 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.56755
Category:CGI abuses
Title:E107 Resetcore.PHP SQL Injection Vulnerability
Summary:NOSUMMARY
Description:Description:

The remote host, according to the version number, has a vulnerable
version of e107 web content management software installed.

The flaw allows attackers to perform SQL injection attacks via
the 'resetcore.php' script, allowing easy access to administrative
functions.

Versions prior to 0.6173 are vulnerable.

Solution : Upgrade to 0.6173 or later.
http://e107.org
http://retrogod.altervista.org/e107remote.html
https://sourceforge.net/project/shownotes.php?release_id=364570

Risk factor : High

CVSS Score:
7.5

Cross-Ref: BugTraq ID: 15125
Common Vulnerability Exposure (CVE) ID: CVE-2005-3521
http://www.securityfocus.com/bid/15125
Bugtraq: 20051018 e107 remote commands execution (Google Search)
http://marc.info/?l=bugtraq&m=112967223222966&w=2
http://www.osvdb.org/20070
http://securitytracker.com/id?1015069
http://secunia.com/advisories/17237/
XForce ISS Database: e107-resetcore-sql-injection(22780)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22780
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 93608 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.