Vendor CVEs
B2evolution
All CVEs
29 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-5539 | b2evolution | Critical | 0.59 | 9.1 | 0.04 | — | Jan 23, 2017 | The patch for directory traversal (CVE-2017-5480) in b2evolution version 6.8.4-stable has a bypass vulnerability. An attacker can use ..\/ to bypass the filter rule. Then, this attacker can exploit this vulnerability to delete or read any files on the server. It can also be used… |
| CVE-2017-5480 | b2evolution | High | 0.53 | 8.1 | 0.02 | — | Jan 15, 2017 | Directory traversal vulnerability in inc/files/files.ctrl.php in b2evolution through 6.8.3 allows remote authenticated users to read or delete arbitrary files by leveraging back-office access to provide a .. (dot dot) in the fm_selected array parameter. |
| CVE-2016-9479 | b2evolution | High | 0.49 | 7.5 | 0.02 | — | Dec 2, 2016 | The "lost password" functionality in b2evolution before 6.7.9 allows remote attackers to reset arbitrary user passwords via a crafted request. |
| CVE-2016-7149 | b2evolution | Medium | 0.40 | 6.1 | 0.01 | — | Jan 18, 2017 | Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to the autolink function. |
| CVE-2017-5553 | b2evolution | Medium | 0.35 | 5.4 | 0.01 | — | Jan 23, 2017 | Cross-site scripting (XSS) vulnerability in plugins/markdown_plugin/_markdown.plugin.php in b2evolution before 6.8.5 allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL. |
| CVE-2016-7150 | b2evolution | Medium | 0.35 | 5.4 | 0.01 | — | Jan 18, 2017 | Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the site name. |
| CVE-2017-5494 | b2evolution | Medium | 0.35 | 5.4 | 0.01 | — | Jan 15, 2017 | Multiple cross-site scripting (XSS) vulnerabilities in the file types table in b2evolution through 6.8.3 allow remote authenticated users to inject arbitrary web script or HTML via a .swf file in a (1) comment frame or (2) avatar frame. |
| CVE-2021-47800 | b2evolution | Medium | 0.34 | 5.3 | 0.00 | — | Jan 16, 2026 | b2evolution 7.2.2 contains a cross-site request forgery vulnerability that allows attackers to modify admin account details without authentication. Attackers can craft a malicious HTML form to submit unauthorized changes to user profiles by tricking victims into loading a… |
| CVE-2021-28242 | b2evolution | — | 0.03 | — | 0.05 | — | Apr 15, 2021 | SQL Injection in the "evoadm.php" component of b2evolution v7.2.2-stable allows remote attackers to obtain sensitive database information by injecting SQL commands into the "cf_name" parameter when creating a new filter under the "Collections" tab. |
| CVE-2020-22841 | b2evolution | — | 0.03 | — | 0.04 | — | Feb 9, 2021 | Stored XSS in b2evolution CMS version 6.11.6 and prior allows an attacker to perform malicious JavaScript code execution via the plugin name input field in the plugin module. |
| CVE-2020-22840 | b2evolution | — | 0.03 | — | 0.14 | — | Feb 9, 2021 | Open redirect vulnerability in b2evolution CMS version prior to 6.11.6 allows an attacker to perform malicious open redirects to an attacker controlled resource via redirect_to parameter in email_passthrough.php. |
| CVE-2013-2945 | b2evolution | — | 0.03 | — | 0.03 | — | Apr 2, 2014 | SQL injection vulnerability in blogs/admin.php in b2evolution before 4.1.7 allows remote authenticated administrators to execute arbitrary SQL commands via the show_statuses[] parameter. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to execute… |
| CVE-2006-6417 | b2evolution | — | 0.03 | — | 0.03 | — | Dec 10, 2006 | PHP remote file inclusion vulnerability in inc/CONTROL/import/import-mt.php in b2evolution 1.8.5 through 1.9 beta allows remote attackers to execute arbitrary PHP code via a URL in the inc_path parameter. |
| CVE-2006-6197 | b2evolution | — | 0.03 | — | 0.02 | — | Dec 1, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in b2evolution 1.8.2 through 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the (1) app_name parameter in (a) _404_not_found.page.php, (b) _410_stats_gone.page.php, and (c) _referer_spam.page.php in… |
| CVE-2022-44036 | b2evolution | — | 0.00 | — | 0.01 | — | Jan 3, 2023 | In b2evolution 7.2.5, if configured with admins_can_manipulate_sensitive_files, arbitrary file upload is allowed for admins, leading to command execution. NOTE: the vendor's position is that this is "very obviously a feature not an issue and if you don't like that feature it is… |
| CVE-2022-30935 | b2evolution | — | 0.00 | — | 0.01 | — | Sep 28, 2022 | An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict password reset tokens for any user through the use of a bad randomness function. This allows the attacker to get valid sessions for arbitrary users, and optionally reset their password.… |
| CVE-2021-31631 | b2evolution | — | 0.00 | — | 0.01 | — | Dec 6, 2021 | b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the User login page. This vulnerability allows attackers to escalate privileges. |
| CVE-2020-22839 | b2evolution | — | 0.00 | — | 0.05 | — | Feb 9, 2021 | Reflected cross-site scripting vulnerability (XSS) in the evoadm.php file in b2evolution CMS version 6.11.6-stable allows remote attackers to inject arbitrary web script or HTML code via the tab3 parameter. |
| CVE-2016-8901 | b2evolution | — | 0.00 | — | 0.03 | — | May 23, 2019 | b2evolution 6.7.6 suffers from an Object Injection vulnerability in /htsrv/call_plugin.php. |
| CVE-2017-1000423 | b2evolution | Critical | 0.00 | 9.8 | 0.02 | — | Jan 2, 2018 | b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup. |
| CVE-2014-9599 | b2evolution | — | 0.00 | — | 0.02 | — | Jan 16, 2015 | Cross-site scripting (XSS) vulnerability in the filemanager in b2evolution before 5.2.1 allows remote attackers to inject arbitrary web script or HTML via the fm_filter parameter to blogs/admin.php. |
| CVE-2013-7352 | b2evolution | — | 0.00 | — | 0.01 | — | Apr 2, 2014 | Cross-site request forgery (CSRF) vulnerability in blogs/admin.php in b2evolution before 4.1.7 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the show_statuses[] parameter, related to CVE-2013-2945. |
| CVE-2012-5911 | b2evolution | — | 0.00 | — | 0.01 | — | Nov 17, 2012 | Cross-site scripting (XSS) vulnerability in blogs/blog1.php in b2evolution 4.1.3 allows remote attackers to inject arbitrary web script or HTML via the message body. |
| CVE-2012-5910 | b2evolution | — | 0.00 | — | 0.01 | — | Nov 17, 2012 | SQL injection vulnerability in blogs/htsrv/viewfile.php in b2evolution 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via the root parameter. |
| CVE-2011-3709 | b2evolution | — | 0.00 | — | 0.01 | — | Sep 23, 2011 | b2evolution 3.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by locales/ru_RU/ru-RU.locale.php and certain other files. |
| CVE-2009-1657 | b2evolution | — | 0.00 | — | 0.01 | — | May 18, 2009 | Multiple SQL injection vulnerabilities in the Starrating plugin before 0.7.7 for b2evolution allow remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| CVE-2007-2681 | b2evolution | — | 0.00 | — | 0.02 | — | May 15, 2007 | Directory traversal vulnerability in blogs/index.php in b2evolution 1.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the core_subdir parameter. |
| CVE-2007-2358 | b2evolution | — | 0.00 | — | 0.02 | — | Apr 30, 2007 | Multiple PHP remote file inclusion vulnerabilities in b2evolution allow remote attackers to execute arbitrary PHP code via a URL in the (1) inc_path parameter to (a) a_noskin.php, (b) a_stub.php, (c) admin.php, (d) contact.php, (e) default.php, (f) index.php, and (g)… |
| CVE-2007-0175 | b2evolution | — | 0.00 | — | 0.01 | — | Jan 11, 2007 | Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirect_to parameter. |