CVE-2018-16389 Information
Feb 14, 2021
cve
Description
e107_admin/banlist.php in e107 2.1.8 allows SQL injection via the old_ip parameter.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Reference
https://gist.github.com/ommadawn46/51e08e13e6980dcbcffb4322c29b93d0 https://github.com/e107inc/e107/commit/ec483e9379aa622bfcc1b853b189c74288771f27
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction Required
HIGH
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
NONE
Base Severity
6.5
Share on: