cbcvebase.
CVE-2011-1513
published 2011-11-04

CVE-2011-1513: Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows…

PriorityP350high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
5.79%
92.2th percentile
Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.

Affected

58 ranges· showing 25
VendorProductVersion rangeFixed in
e107e107<= 0.7.24
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
e107e107
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.