2 matches found
CVE-2009-1409
SQL injection vulnerability in usersettings.php in e107 0.7.15 and earlier, when "Extended User Fields" is enabled and magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hide parameter, a different vector than CVE-2005-4224 and CVE-2008-5320...
CVE-2009-1409
creationtimestamp| type| source ---|---|--- 2009-04-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8495...