HomePentest-Tools.com Logo

e107 resetcore.php SQL Injection CVE-2005-3521

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

The remote web server contains a PHP script that is prone to a SQL injection attack.

Risk description

The remote host appears to be running e107, a web content management system written in PHP. There is a flaw in the version of e107 on the remote host such that anyone can injection SQL commands through the resetcore.php script which may be used to gain administrative access trivially.

Recommendation

Upgrade to e107 version 0.6173 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Nov 6, 2005
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available