CVE-2017-5539
https://notcve.org/view.php?id=CVE-2017-5539
The patch for directory traversal (CVE-2017-5480) in b2evolution version 6.8.4-stable has a bypass vulnerability. An attacker can use ..\/ to bypass the filter rule. Then, this attacker can exploit this vulnerability to delete or read any files on the server. It can also be used to determine whether a file exists. El parche para el salto de directorio (CVE-2017-5480) en b2evolution versión 6.8.4-stable tiene una vulnerabilidad eludible. • http://b2evolution.net/downloads/6-8-5 http://www.securityfocus.com/bid/95700 https://github.com/b2evolution/b2evolution/commit/e35f7c195d8c1103d2d981a48cda5ab45ecac48a https://github.com/b2evolution/b2evolution/issues/36 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2017-5553
https://notcve.org/view.php?id=CVE-2017-5553
Cross-site scripting (XSS) vulnerability in plugins/markdown_plugin/_markdown.plugin.php in b2evolution before 6.8.5 allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL. Vulnerabilidad de XSS en plugins/markdown_plugin/_markdown.plugin.php en b2evolution en versiones anteriores a 6.8.5 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de una URL javascript:. • http://b2evolution.net/downloads/6-8-5 http://www.securityfocus.com/bid/95704 https://github.com/b2evolution/b2evolution/commit/ce5b36e44b714b18b0bcd34c6db0187b8d13bab8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-7149
https://notcve.org/view.php?id=CVE-2016-7149
Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to the autolink function. Vulnerabilidad de XSS en b2evolution 6.7.5 y versiones anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores relacionados con la función autolink. • http://www.openwall.com/lists/oss-security/2016/09/12/1 http://www.openwall.com/lists/oss-security/2016/09/15/4 http://www.securityfocus.com/bid/92967 https://github.com/b2evolution/b2evolution/commit/9a4ab85439d1b838ee7b8eeebbf59174bb787811 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-7150
https://notcve.org/view.php?id=CVE-2016-7150
Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the site name. Vulnerabilidad de XSS en b2evolution 6.7.5 y versiones anteriores permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través del nombre del sitio. • http://www.openwall.com/lists/oss-security/2016/09/12/1 http://www.openwall.com/lists/oss-security/2016/09/15/4 http://www.securityfocus.com/bid/92967 https://github.com/b2evolution/b2evolution/commit/dd975fff7fce81bf12f9c59edb1a99475747c83c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-5480
https://notcve.org/view.php?id=CVE-2017-5480
Directory traversal vulnerability in inc/files/files.ctrl.php in b2evolution through 6.8.3 allows remote authenticated users to read or delete arbitrary files by leveraging back-office access to provide a .. (dot dot) in the fm_selected array parameter. Vulnerabilidad de salto de directorio en inc/files/files.ctrl.php en b2evolution hasta la versión 6.8.3 permite a usuarios remotos autenticados leer o eliminar archivos arbitrarios aprovechando el acceso back-office para proporcionar un .. (punto punto) en el parámetro del array fm_selected. • http://www.securityfocus.com/bid/95454 https://github.com/b2evolution/b2evolution/commit/26841d9c81f27ad23b2f6e4bd5eaec7f2f58dfe0 https://github.com/b2evolution/b2evolution/issues/35 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •