CVE-2011-1513

e107 < 0.7.24 - Remote Code Execution via MySQL Server Name Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-1513. PoCs published by Matt Bergin.

AI-analyzed exploit summary: This exploit demonstrates a remote command execution vulnerability in e107 by appending a command to the 'cmd' parameter in the e107_config.php URL. The vulnerability arises from improper input validation, allowing arbitrary command execution.

Description

Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Matt Bergin · text · webapps · php
https://www.exploit-db.com/exploits/36252

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: e107 0.7.24
No auth needed
Prerequisites: Access to the e107_config.php file on the target server
devstral-2 · analyzed Feb 16, 2026

References (4)

Core 4

Scores

EPSS 0.0612
EPSS Percentile 92.5%

Details

CWE: CWE-78
Status: published
Products (49)
e107/e107 0.7
e107/e107 0.7.0
e107/e107 0.7.1
e107/e107 0.7.2
e107/e107 0.7.3
e107/e107 0.7.4
e107/e107 0.7.5
e107/e107 0.7.6
e107/e107 0.7.7
e107/e107 0.7.8
... and 39 more
Published Nov 04, 2011
Tracked Since Feb 18, 2026