Description

SQL injection vulnerability in resetcore.php in e107 0.617 through 0.6173 allows remote attackers to execute arbitrary SQL commands, bypass authentication, and inject HTML or script via the (1) a_name parameter or (2) user field of the login page.

Remediation

References

CVE-2005-3521

Related Vulnerabilities

WordPress Plugin Abstract Submission Local File Inclusion (0.6)

SharePoint CVE-2020-1443 Vulnerability (CVE-2020-1443)

Internet Information Services Other Vulnerability (CVE-2000-0114)

Joomla! Core Multiple Cross-Site Scripting Vulnerabilities (1.5.0 - 3.8.7)

WordPress Plugin WP Database Backup Cross-Site Request Forgery (5.1.2)

Severity

High

Classification

CVE-2005-3521

Tags

Missing Update Known Vulnerabilities