CVE-2006-2416

Name of the Vulnerable Software and Affected Versions e107 versions 0.7.2 and earlier

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved via a cookie defined in $pref['cookie name'].

Recommendations For versions 0.7.2 and earlier, update to a version later than 0.7.2 to resolve the issue.