CVE-2011-4921 Information

Description

SQL injection vulnerability in usersettings.php in e107 0.7.26 and possibly other versions before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.

Reference

http://osvdb.org/78050 http://secunia.com/advisories/46706 http://www.openwall.com/lists/oss-security/2012/01/04/3 http://www.securityfocus.com/bid/51253 https://exchange.xforce.ibmcloud.com/vulnerabilities/72011