5 matches found
white-oak-stables.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1077381. Security researcher geeknik (helped patch 8924 vulnerabilities, received 8 Coordinated Disclosure badges, received 21 recommendations), a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting white-oak-stables.com...
Directory traversal
The patch for directory traversal CVE-2017-5480 in b2evolution version 6.8.4-stable has a bypass vulnerability. An attacker can use ../ to bypass the filter rule. Then, this attacker can exploit this vulnerability to delete or read any files on the server. It can also be used to determine whether...
CVE-2017-5480
Directory traversal vulnerability in inc/files/files.ctrl.php in b2evolution through 6.8.3 allows remote authenticated users to read or delete arbitrary files by leveraging back-office access to provide a .. (dot dot) in the fm_selected array parameter...
CVE-2017-5480
Directory traversal vulnerability in inc/files/files.ctrl.php in b2evolution through 6.8.3 allows remote authenticated users to read or delete arbitrary files by leveraging back-office access to provide a .. (dot dot) in the fm_selected array parameter...
CVE-2017-5480
The CVE-2017-5480 issue affects b2evolution’s back-office flow, specifically the PHP file inc/files/files.ctrl.php. A directory traversal flaw permits remote authenticated users to read or delete arbitrary files by injecting a dot-dot sequence into the fm_selected array parameter. Affected softwa...