CVE-2008-5320

SQL injection vulnerability in usersettings.php in e107 0.7.13 and earlier allows remote authenticated users to execute arbitrary SQL commands via the ue[] parameter.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
VendorProductVersion
e107e107
𝑥
≤ 0.7.13
e107e107
0.7
e107e107
0.7.1
e107e107
0.7.2
e107e107
0.7.3
e107e107
0.7.4
e107e107
0.7.5
e107e107
0.7.6
e107e107
0.7.7
e107e107
0.7.8
e107e107
0.7.9
e107e107
0.7.10
e107e107
0.7.11
e107e107
0.547_beta:_beta
e107e107
0.548_beta:_beta
e107e107
0.549_beta:_beta
e107e107
0.551_beta:_beta
e107e107
0.552_beta:_beta
e107e107
0.553_beta:_beta
e107e107
0.554_beta:_beta
e107e107
0.555_beta:_beta
e107e107
0.600
e107e107
0.601
e107e107
0.602
e107e107
0.603
e107e107
0.604
e107e107
0.605
e107e107
0.606
e107e107
0.607
e107e107
0.608
e107e107
0.609
e107e107
0.610
e107e107
0.611
e107e107
0.612
e107e107
0.613
e107e107
0.614
e107e107
0.615
e107e107
0.615a:a
e107e107
0.616
e107e107
0.617
e107e107
0.6171
e107e107
0.6172
e107e107
0.6173
e107e107
0.6174
e107e107
0.6175
e107e107
5.1
e107e107
5.3_beta:_beta
e107e107
5.3_beta2:_beta2
e107e107
5.04
e107e107
5.4_beta1:_beta1
e107e107
5.4_beta3:_beta3
e107e107
5.4_beta4:_beta4
e107e107
5.4_beta5:_beta5
e107e107
5.4_beta6:_beta6
e107e107
5.05
e107e107
5.21
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/32322
http://securityreason.com/securityalert/4683
http://www.securityfocus.com/bid/31821
http://www.vupen.com/english/advisories/2008/2860
https://exchange.xforce.ibmcloud.com/vulnerabilities/45967
https://www.exploit-db.com/exploits/6791
http://secunia.com/advisories/32322
http://securityreason.com/securityalert/4683
http://www.securityfocus.com/bid/31821
http://www.vupen.com/english/advisories/2008/2860
https://exchange.xforce.ibmcloud.com/vulnerabilities/45967
https://www.exploit-db.com/exploits/6791