2 matches found
E107 lyrics_menu Plugin SQL Injection (CVE-2008-4906)
An SQL injection vulnerability has been reported in e107 lyricsmenu Plugin. An attacker could exploit this vulnerability via the lid parameter. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2008-4906
CVE-2008-4906 describes an SQL injection in the Lyrics (lyrics_menu) plugin for e107, version 0.42, where the l_id parameter enables remote attackers to execute arbitrary SQL commands. This is a high-severity issue (CVSS v2 base score 7.5). The provided documents confirm the vulnerable component ...