270 matches found
CVE-2012-5911
Cross-site scripting XSS vulnerability in blogs/blog1.php in b2evolution 4.1.3 allows remote attackers to inject arbitrary web script or HTML via the message body...
Sql injection
SQL injection vulnerability in blogs/htsrv/viewfile.php in b2evolution 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via the root parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in blogs/blog1.php in b2evolution 4.1.3 allows remote attackers to inject arbitrary web script or HTML via the message body...
CVE-2012-5911
CVE-2012-5911: XSS in b2evolution 4.1.3 (blogs/blog1.php) allows remote attackers to inject arbitrary script via the message body. No remediation details are provided in the supplied documents.
CVE-2012-5911
Cross-site scripting XSS vulnerability in blogs/blog1.php in b2evolution 4.1.3 allows remote attackers to inject arbitrary web script or HTML via the message body...
CVE-2012-5910
CVE-2012-5910 is a SQL injection in blogs/htsrv/viewfile.php of b2evolution 4.1.3. An authenticated remote user can inject SQL via the root parameter to execute arbitrary commands. Impact is partial confidentiality/integrity/availability as stated; attack vector is web-based with single-privilege...
B2Evolution CMS 4.1.3 - Multiple Web Vulnerabilities
Document Title: =============== B2Evolution CMS 4.1.3 - Multiple Web Vulnerabilities References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=482 Release Date: ============= 2012-03-28 Vulnerability Laboratory ID VL-ID: ==================================== 482 Produc...
B2Evolution CMS 4.1.3 - Multiple Web Vulnerabilities
Document Title: =============== B2Evolution CMS 4.1.3 - Multiple Web Vulnerabilities References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=482 Release Date: ============= 2012-03-28 Vulnerability Laboratory ID VL-ID: ==================================== 482 Produc...
CVE-2011-3709
b2evolution 3.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by locales/ruRU/ru-RU.locale.php and certain other files...
Information disclosure
b2evolution 3.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by locales/ruRU/ru-RU.locale.php and certain other files...
CVE-2011-3709
b2evolution 3.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by locales/ruRU/ru-RU.locale.php and certain other files...
CVE-2011-3709
b2evolution 3.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by locales/ruRU/ru-RU.locale.php and certain other files...
CVE-2011-3709
CVE-2011-3709 affects b2evolution 3.3.3. The vulnerability is information disclosure via a direct request to a PHP file, which leaks the installation path in an error message (example: locales/ru_RU/ru-RU.locale.php). This is a server-side path disclosure vulnerability that allows remote attacker...
b2evolution 4.0.5 Remote File Inclusion
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...
b2evolution 4.0.5 (default.php) Remote File inclusion Vulnerability
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...
b2evolution 4.0.3 Persistent XSS Vulnerability
Exploit for php platform in category web applications ------------------------------------------------------------------------ Software................b2evolution 4.0.3 Vulnerability...........Persistent Cross-site Scripting Threat Level............Moderate 2/5...
b2evolution 4.0.3 Cross Site Scripting
------------------------------------------------------------------------ Software................b2evolution 4.0.3 Vulnerability...........Persistent Cross-site Scripting Threat Level............Moderate 2/5 Download................http://b2evolution.net/ Vendor Contact Date.....3/15/2011...
b2evolution 4.0.3 - Persistent Cross-Site Scripting
b2evolution 4.0.3 - Persistent Cross-Site Scripting Source: http://packetstormsecurity.org/files/view/99362/b2evolution403-xss.txt ------------------------------------------------------------------------ Software................b2evolution 4.0.3 Vulnerability...........Persistent Cross-site...
b2evolution 4.0.3 - Persistent Cross-Site Scripting
Source: http://packetstormsecurity.org/files/view/99362/b2evolution403-xss.txt ------------------------------------------------------------------------ Software................b2evolution 4.0.3 Vulnerability...........Persistent Cross-site Scripting Threat Level............Moderate 2/5...
b2evolution 3.3.3 - Cross-Site Request Forgery
b2evolution 3.3.3 - Cross-Site Request Forgery ---------------------------------------------------------------------------- : Exploit Title: b2evolution 3.3.3 Cross site request forgery : : Date: 05/07/2010 & 23/07/1431 H : : Author: saudi0hacker : : Software Link:...