Static Code Injection Vulnerability in e107 CMS 0.7.24 and Earlier: Remote PHP Code Injection via install_.php
CVE-2011-1513 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.