b2evolution CMS <6.11.6 - Open Redirect

05 Jul 2026 03:01:21 | Reported by ProjectDiscovery | Type: nuclei | Source: github.com

An open redirect vulnerability in b2evolution CMS <6.11.6 allows attackers to redirect users to malicious sites via email_passthrough.php, potentially leading to sensitive data exposure and unauthorized operations.

Related

Reporter | Title | Published
Circl | CVE-2020-22840 | 14 Nov 2024 06:08
CNNVD | b2evolution Input Validation Error Vulnerability | 9 Feb 2021 00:00
CVE | CVE-2020-22840 | 9 Feb 2021 13:09
Cvelist | CVE-2020-22840 | 9 Feb 2021 13:09
Exploit DB | b2evolution 6.11.6 - 'redirect_to' Open Redirect | 11 Feb 2021 00:00
NVD | CVE-2020-22840 | 9 Feb 2021 14:15
OpenVAS | b2evolution < 6.11.7 Multiple Vulnerabilities | 11 Feb 2021 00:00
Packet Storm | b2evolution CMS 6.11.6 Open Redirection | 10 Feb 2021 00:00
Prion | Open redirect | 9 Feb 2021 14:15
RedhatCVE | CVE-2020-22840 | 22 May 2025 15:19

id: CVE-2020-22840

info:
  name: b2evolution CMS <6.11.6 - Open Redirect
  author: geeknik
  severity: medium
  description: b2evolution CMS before 6.11.6 contains an open redirect vulnerability via the redirect_to parameter in email_passthrough.php. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
  impact: |
    This vulnerability can be exploited by attackers to trick users into visiting malicious websites, potentially leading to phishing attacks, malware infections, or unauthorized access to sensitive information.
  remediation: |
    Upgrade b2evolution CMS to version 6.11.6 or later to mitigate the open redirect vulnerability (CVE-2020-22840).
  reference:
    - https://github.com/b2evolution/b2evolution/issues/102
    - http://packetstormsecurity.com/files/161362/b2evolution-CMS-6.11.6-Open-Redirection.html
    - https://www.exploit-db.com/exploits/49554
    - https://nvd.nist.gov/vuln/detail/CVE-2020-22840
    - https://github.com/ARPSyndicate/cvemon
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2020-22840
    cwe-id: CWE-601
    epss-score: 0.13817
    epss-percentile: 0.96064
    cpe: cpe:2.3:a:b2evolution:b2evolution:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: b2evolution
    product: b2evolution
  tags: cve,cve2020,packetstorm,edb,redirect,b2evolution,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/email_passthrough.php?email_ID=1&type=link&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Finteract.sh"

    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?interact\.sh(?:\s*?)$'
# digest: 4a0a004730450221008e84a573d90deb4a43ae67f7b4c4837be7e3ecf6f58e4a522434e2cb5af8568b02205e8247ddfc8fc738e546b38cf8f330c0abd93622f283f00eb3882a80848aa3a2:922c64590222798bb761d5b6d8e72950

04 Feb 2026 07:00 (current)
Vulners AI Score: 6.3 (Medium risk)
CVSS 2: 5.8
CVSS 3.1: 6.1
EPSS: 0.13817