SQL Injection Vulnerability in e107 2.1.1 via pagelist parameter in e107_admin/menus.php

CVE-2016-10378 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

e107 2.1.1 allows SQL injection by remote authenticated administrators via the pagelist parameter to e107_admin/menus.php, related to the menuSaveVisibility function.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.