Description
SQL injection vulnerability in usersettings.php in e107 0.7.26, and possibly other versions before 1.0.0, allows remote attackers to execute arbitrary SQL commands via the username parameter.
Remediation
References
Related Vulnerabilities
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4593)
OpenSSL Uncontrolled Recursion Vulnerability (CVE-2018-0739)
WordPress Plugin WordPress Photo Gallery by Gallery Bank Cross-Site Scripting (3.0.228)
PHP Integer Overflow or Wraparound Vulnerability (CVE-2019-11039)