Static Code Injection Vulnerability in e107 CMS 0.7.24 and Earlier: Remote PHP Code Injection via install_.php

Static Code Injection Vulnerability in e107 CMS 0.7.24 and Earlier: Remote PHP Code Injection via install_.php

CVE-2011-1513 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.