CVE-2005-3521
Description
SQL injection vulnerability in resetcore.php in e107 0.617 through 0.6173 allows remote attackers to execute arbitrary SQL commands, bypass authentication, and inject HTML or script via the (1) a_name parameter or (2) user field of the login page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
Patches (1)
Vulnerability mechanics
Root cause
"Missing input sanitization in resetcore.php allows SQL injection via the a_name parameter."
Attack vector
An attacker sends a crafted HTTP POST request to `resetcore.php` with a SQL injection payload in the `a_name` parameter (e.g., `' or isnull(1/0)/*`) and an empty password. This bypasses authentication and allows the attacker to modify core settings. By enabling public uploads of `.php` files, the attacker can then upload a web shell via `upload.php` and execute arbitrary system commands [ref_id=1].
Affected code
The vulnerability resides in `resetcore.php` within the e107 files directory. The `a_name` parameter and the `user` field on the login page are not sanitized before being used in SQL queries.
What the fix does
The advisory does not include a patch. To remediate, input validation and parameterized queries must be applied to the `a_name` and `user` fields in `resetcore.php` to prevent SQL injection. Additionally, file upload restrictions should not be modifiable through unauthenticated or SQL-injected requests.
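To make the remediation concrete, here is an added example (not e107's code, and not from the advisory) showing the same admin login check written with string concatenation and then with a PDO prepared statement, as the paragraph above recommends. It uses an in-memory SQLite database so it runs stand-alone with `php login_check.php`; the table and column names (`admin`, `a_name`, `a_password`), the SHA-256 hash placeholder and the sample account are assumptions for illustration only.

```php
<?php
// Added example, not e107 code: one login check written two ways.
// Runs stand-alone against an in-memory SQLite database: php login_check.php
// Table/column names and the hashing scheme are illustrative assumptions.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE admin (a_name TEXT NOT NULL, a_password TEXT NOT NULL)');

// Constructed sample account; the stored value is a SHA-256 of the constructed
// password "correct-horse". A real application should use password_hash()
// and password_verify() instead, but the hashing scheme is not the point here.
$ins = $db->prepare('INSERT INTO admin (a_name, a_password) VALUES (?, ?)');
$ins->execute(['admin', hash('sha256', 'correct-horse')]);

// VULNERABLE: $name is spliced into the SQL text. A quote character closes the
// string literal early and a comment sequence discards the password clause,
// so the client decides the structure of the query that runs.
function vulnerableLogin(PDO $db, string $name, string $password): bool
{
    $hash = hash('sha256', $password);
    $sql  = "SELECT a_name FROM admin WHERE a_name = '$name' AND a_password = '$hash'";
    return $db->query($sql)->fetch(PDO::FETCH_ASSOC) !== false;
}

// HARDENED: the query text is fixed at prepare time; $name and the hash are
// bound as values and are never parsed as SQL, whatever characters they hold.
function safeLogin(PDO $db, string $name, string $password): bool
{
    $stmt = $db->prepare(
        'SELECT a_name FROM admin WHERE a_name = :name AND a_password = :hash'
    );
    $stmt->execute([':name' => $name, ':hash' => hash('sha256', $password)]);
    return $stmt->fetch(PDO::FETCH_ASSOC) !== false;
}

// Regression check a maintainer would keep after the fix: a quote-and-comment
// name (constructed here, same shape as the advisory's payload) with an empty
// password must not authenticate.
$cases = [
    ['admin', 'correct-horse'],   // legitimate credentials
    ['admin', ''],                // empty password, real account name
    ["' OR 1=1 --", ''],          // SQL-shaped name, empty password
];
foreach ($cases as [$name, $password]) {
    printf(
        "%-16s vulnerable=%-5s safe=%s\n",
        json_encode($name),
        vulnerableLogin($db, $name, $password) ? 'true' : 'false',
        safeLogin($db, $name, $password) ? 'true' : 'false'
    );
}
```

The first case succeeds in both versions and the second fails in both; only the third differs: the concatenated query returns a row for the injected name with no password, while the prepared statement compares the whole string `' OR 1=1 --` against `a_name` as data and finds no such account. Pairing this with a check that `resetcore.php` is removed or restricted after installation closes the precondition listed below.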
Preconditions
- Network: The attacker must have network access to the e107 installation.
- Authentication: No prior authentication is required; the SQL injection bypasses login.
- Configuration: The `resetcore.php` endpoint must be accessible.
Generated on Jun 17, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References (7)
- e107.org/news.php (NVD; Patch)
- secunia.com/advisories/17237/ (NVD; Patch, Vendor Advisory)
- securitytracker.com/id (NVD; Exploit, Vendor Advisory)
- www.securityfocus.com/bid/15125 (NVD; Exploit)
- marc.info (NVD)
- www.osvdb.org/20070 (NVD)
- exchange.xforce.ibmcloud.com/vulnerabilities/22780 (NVD)