6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
55.6%
High-Tech Bridge Security Research Lab discovered SQL injection vulnerability in b2evolution, which can be exploited to alter SQL requests passed to the vulnerable application’s database.
This vulnerability is also exploitable via CSRF vector, since the application is prone to Cross-Site Request Forgery (CSRF) attacks. In order to do so an attacker should trick a logged-in administrator to visit malicious web page with CSRF exploit.
Basic CSRF exploit:
<img src=“http://[host]/blogs/admin.php?submit=Search&ctrl=items&tab=full&blog=1& show_statuses[]=1’) )) UNION SELECT version() INTO OUTFILE ‘/tmp/file.txt’ --”>
CPE | Name | Operator | Version |
---|---|---|---|
b2evolution | le | 4.1.6 |