Description
SQL injection vulnerability in class2.php in e107 0.7.2 and earlier allows remote attackers to execute arbitrary SQL commands via a cookie as defined in $pref['cookie_name'].
Remediation
References
Related Vulnerabilities
WordPress Plugin uContext for Clickbank Cross-Site Request Forgery (3.9.1)
WordPress Plugin Sitewide Notice WP Cross-Site Scripting (2.2)
PHP Other Vulnerability (CVE-2005-3390)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2367)
Jetty Improper Neutralization of Quoting Syntax Vulnerability (CVE-2023-36479)