b2evolution 1.8.2/1.9 - '_404_not_found.page.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/21334/info The b2evolution application is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

b2evolution 1.8.21.9 - _404_not_found.page.php Multiple Cross-Site Scripting Vulnerabilities

b2evolution 1.8.21.9 - 404notfound.page.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/21334/info The b2evolution application is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attack...

b2evolution 1.8.2/1.9 - '_referer_spam.page.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/21334/info The b2evolution application is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

b2evolution18.txt

PerSiaNFoX DigitaL SecuritY TeaM b2evolution= 1.8 Remote File Include Vulnerabilities Script.............. : b2evolution Discovered By.... : Root3rH3ll Location .......... : Iran Class.............. : Remote Original Advisory : http://Www.PersainFox.com We ArE : Root3rH3LL , Arash.RJ Spical TNX H...

Submit ( b2evolution<= 1.8 Remote File Include Vulnerabilities )

PerSiaNFoX DigitaL SecuritY TeaM b2evolution= 1.8 Remote File Include Vulnerabilities Script.............. : b2evolution Discovered By.... : Root3rH3ll Location .......... : Iran Class.............. : Remote Original Advisory : http://Www.PersainFox.com We ArE : Root3rH3LL , Arash.RJ Spical TNX H...

[SA17440] b2evolution XML-RPC PHP Code Execution Vulnerabilities

TITLE: b2evolution XML-RPC PHP Code Execution Vulnerabilities SECUNIA ADVISORY ID: SA17440 VERIFY ADVISORY: http://secunia.com/advisories/17440/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: b2evolution 0.x http://secunia.com/product/2126/ DESCRIPTION: Two...

b2Evolution title SQL Injection

There is an SQL injection vulnerability in the remote version of b2evolution which may allow an attacker to execute arbitrary SQL statements against the remote database by providing a malformed value to the SPDX-FileCopyrightText: 2005 Noam Rathaus Some text descriptions might be excerpted from a...

SUSE-SA:2005:041: php/pear XML::RPC

The remote host is missing the patch for the advisory SUSE-SA:2005:041 php/pear XML::RPC. A bug in the PEAR::XMLRPC library allowed remote attackers to pass arbitrary PHP code to the eval function. The updated php packages fix the XML::RPC bug, however several third party PHP packages include a...

[SA13718] b2evolution "title" SQL Injection Vulnerability

TITLE: b2evolution "title" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA13718 VERIFY ADVISORY: http://secunia.com/advisories/13718/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: b2evolution 0.x http://secunia.com/product/2126/ DESCRIPTION: r0ut3r ha...

b2evolution index.php SQL Injection

Binary data 2487.prm...