Description
SQL injection vulnerability in usersettings.php in e107 0.7.26, and possibly other versions before 1.0.0, allows remote attackers to execute arbitrary SQL commands via the username parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin UpdraftPlus WordPress Backup Security Bypass (1.9.50)
Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.13)
WordPress Plugin SRS Simple Hits Counter SQL Injection (1.0.4)
WordPress Plugin IMPress for IDX Broker Multiple Vulnerabilities (2.6.1)
WordPress Plugin Product Input Fields for WooCommerce Arbitrary File Download (1.2.6)