Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
---|---|---|---|---|---|
CVE-2021-27885 | Medium | Mar 02, 2021 | usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protection mechanism. |
2.1.2, 1.0.0, 0.7.8, 0.7.7, 0.7.6, 0.7.5, 0.7.4, 0.7.3
|
|
CVE-2016-10753 | Medium | May 24, 2019 | e107 2.1.2 allows PHP Object Injection with resultant SQL injection, because usersettings.php uses unserialize without an HMAC. |
2.1.2
|