Description

Incomplete blacklist vulnerability in usersettings.php in e107 0.7.20 and earlier allows remote attackers to conduct SQL injection attacks via the loginname parameter.

Remediation

References

CVE-2010-2098

Related Vulnerabilities

Joomla! Core 1.0.x Multiple Unspecified Vulnerabilities (1.0.0 - 1.0.11)

Serendipity Other Vulnerability (CVE-2009-4412)

WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk SQL Injection (5.153.3)

Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-17527)

WordPress Plugin Numbers generator and validator Multiple Unspecified Vulnerabilities (1.02)

Severity

High

Classification

CVE-2010-2098

Tags

Missing Update Known Vulnerabilities