2 matches found
CVE-2018-16389
e107admin/banlist.php in e107 2.1.8 allows SQL injection via the oldip parameter...
CVE-2018-16381
e107 2.1.8 has XSS via the e107admin/users.php?mode=main&action=list userloginname parameter...