Arbitrary SQL Command Execution in usersettings.php in e107 0.7.26 and Earlier Versions
CVE-2011-4921 · MEDIUM Severity
AV:N/AC:H/AU:N/C:P/I:P/A:P
SQL injection vulnerability in usersettings.php in e107 0.7.26, and possibly other versions before 1.0.0, allows remote attackers to execute arbitrary SQL commands via the username parameter.
Learn more about our User Device Pen Test.