3 matches found
b2evolution CMS 6.8.10 PHP Code Execution
b2evolution CMS 6.6.0 - 6.8.10 PHP code execution Information =========== Name: b2evolution CMS 6.8.10 Software: b2evolution CMS Homepage: http://b2evolution.net/ Vulnerability: PHP code execution Prerequisites: publicly accessible /install functionality CVE: CVE-2017-1000423 Credit: Anti RA$?is...
CVE-2017-1000423
CVE-2017-1000423 affects b2evolution CMS versions 6.6.0–6.8.10. The root cause is input validation in the basic install functionality (backslash and single quote escape), allowing an unauthenticated attacker to gain PHP code execution on the victim’s setup. Multiple sources corroborate a remote P...
CVE-2017-1000423
b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation backslash and single quote escape in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup...