CVE-2017-1000423

2018-01-02T20:29:00
ID CVE-2017-1000423
Type cve
Reporter cve@mitre.org
Modified 2018-01-17T18:12:00

Description

b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup.