Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
e107 Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability - CVE-2011-1513 - Vulnerability Database
e107

e107 Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability - CVE-2011-1513

High
Reference: CVE-2011-1513
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2011-1513
Title: e107 Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Overview:

Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions when the installation script is not removed allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.