Open Hub
Black Duck Open Hub

 Settings |  Report Duplicate

0
I Use This!
Activity Not Available
 

Security

Vulnerabilities per Version

Learn more about BDSAs
 
 

Major Versions

1yr
3yr
5yr
10yr
All
click and drag to zoom
 
 
Security Vulnerabilities for Version:
Severities:
Type
Identifier Related Record Severity Date Published Description Versions Affected
CVE-2021-27885 Medium Mar 02, 2021 usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protection mechanism.
2.1.2, 1.0.0, 0.7.8, 0.7.7, 0.7.6, 0.7.5, 0.7.4, 0.7.3
CVE-2016-10753 Medium May 24, 2019 e107 2.1.2 allows PHP Object Injection with resultant SQL injection, because usersettings.php uses unserialize without an HMAC.
2.1.2