Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:CGI abuses
Title:E107 SQL Injection Vulnerability

The remote host, according to the version number, has a vulnerable
version of e107 web content management software installed.

The flaw allows attackers to perform SQL injection attacks via
cookies that are insufficiently sanitized, allowing easy access
to administrative functions.

Versions up to and including 0.7.2 are vulnerable.

Solution : Upgrade to a later version.

Risk factor : High

CVSS Score:

Cross-Ref: BugTraq ID: 17966
Common Vulnerability Exposure (CVE) ID: CVE-2006-2416
Bugtraq: 20060513 SQL-Injection in e107 allows attacker to become a site admininstrator (Google Search)
XForce ISS Database: e107-cookie-sql-injection(26434)
CopyrightCopyright (c) 2006 E-Soft Inc.

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.