Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2021-28242
HistoryApr 15, 2021 - 1:51 p.m.

CVE-2021-28242

2021-04-1513:51:23
mitre
www.cve.org
5
sql injection
b2evolution
v7.2.2-stable

AI Score

9.1

Confidence

High

EPSS

0.042

Percentile

92.3%

JSON

SQL Injection in the “evoadm.php” component of b2evolution v7.2.2-stable allows remote attackers to obtain sensitive database information by injecting SQL commands into the “cf_name” parameter when creating a new filter under the “Collections” tab.

Related

osv 1
zdt 1
exploitdb 1
cve 1
packetstorm 1
prion 1
openvas 1
nvd 1
osv
osv
CVE-2021-28242
2021-04-15 14:15:16
zdt
zdt
b2evolution 7-2-2 - (cf_name) SQL Injection Exploit
2021-05-06 00:00:00
exploitdb
exploitdb
b2evolution 7-2-2 - 'cf_name' SQL Injection
2021-05-06 00:00:00
cve
cve
CVE-2021-28242
2021-04-15 14:15:16
packetstorm
packetstorm
b2evolution 7-2-2 SQL Injection
2021-05-06 00:00:00
prion
prion
Sql injection
2021-04-15 14:15:00
openvas
openvas
b2evolution < 7.2.3 SQL Injection Vulnerability
2021-04-19 00:00:00
nvd
nvd
CVE-2021-28242
2021-04-15 14:15:16

AI Score

9.1

Confidence

High

EPSS

0.042

Percentile

92.3%

JSON
Related for CVELIST:CVE-2021-28242
osv1zdt1exploitdb1cve1packetstorm1prion1openvas1nvd1