b2evolution is vulnerable to remote code execution vulnerabilities. It allows remote authenticated users to inject arbitrary web script or HTML via a .swf file in a comment frame or avatar frame of the file types table.
CPE | Name | Operator | Version |
---|---|---|---|
b2evolution | le | 6.7.9 | |
b2evolution | le | 6.8.3 |