CVE-2018-15901: CSRF
First published: Tue Aug 28 2018(Updated: )
e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| E107 E107 | =2.1.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-15901?
CVE-2018-15901 is a vulnerability in e107 2.1.8 that allows CSRF attacks in 'usersettings.php', enabling attackers to change details, including passwords, of users, including administrators.
How does CVE-2018-15901 impact the affected software?
CVE-2018-15901 has a high severity rating of 8.8 and can result in attackers being able to change user details, such as passwords, of users, including administrators.
What version of e107 is affected by CVE-2018-15901?
e107 version 2.1.8 is affected by CVE-2018-15901.
How can I fix CVE-2018-15901?
To fix CVE-2018-15901, it is recommended to update e107 to a version that includes a patch for the vulnerability.
Where can I find more information about CVE-2018-15901?
You can find more information about CVE-2018-15901 on the following references: [link1] [link2]
- collector/nvd-index
- agent/references
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/author
- agent/type
- agent/tags
- agent/event
- vendor/e107
- canonical/e107 e107
- version/e107 e107/2.1.8