Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

Positive Technologies
Positive Technologiesadded 2023/01/03 12:0 a.m.4 views

PT-2023-14430 · Unknown · B2Evolution

Name of the Vulnerable Software and Affected Versions: b2evolution version 7.2.5 Description: The issue allows for arbitrary file upload, leading to command execution, when configured with admins can manipulate sensitive files. This is considered a feature by the vendor, but it can be exploited b...

7.2CVSS7.8AI score0.0091EPSS
Exploits1References7
Prion
Prionadded 2019/05/23 6:29 p.m.19 views

Design/Logic Flaw

b2evolution 6.7.6 suffer from an Object Injection vulnerability in /htsrv/callplugin.php...

7.5CVSS7.5AI score0.0059EPSS
Exploits1References3Affected Software1
CVE
CVEadded 2017/01/23 6:49 a.m.46 views

CVE-2017-5539

CVE-2017-5539 relates to a bypass of the directory-traversal patch for b2evolution 6.8.4-stable, allowing an attacker to use ../ to bypass filters and read/delete arbitrary server files or check file existence. Affected product: b2evolution (PHP/MySQL blogging software). Root cause: incomplete fi...

9.1CVSS7.8AI score0.07446EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCveadded 2011/09/23 11:55 p.m.23 views

CVE-2011-3709

b2evolution 3.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by locales/ruRU/ru-RU.locale.php and certain other files...

5CVSS5.9AI score0.00283EPSS
Exploits1References1
Rows per page
Query Builder