SQL Injection Vulnerability in e107 2.1.1 via pagelist parameter in e107_admin/menus.php
CVE-2016-10378 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
e107 2.1.1 allows SQL injection by remote authenticated administrators via the pagelist parameter to e107_admin/menus.php, related to the menuSaveVisibility function.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.