b2evolution 7-2-2 SQL Injection

Exploit Title: b2evolution 7-2-2 obtaining sensitive database information by injecting SQL commands into the "cfname" parameter Author: @nu11secur1ty Testing and Debugging: @nu11secur1ty Date: 05.06.2021 Vendor: https://b2evolution.net/ Link: https://b2evolution.net/downloads/7-2-2 CVE:...