CVE-2017-1000423 – b2evolution CMS 6.8.10 PHP Code Execution
https://notcve.org/view.php?id=CVE-2017-1000423
b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup. b2evolution, de las versiones 6.6.0 a la 6.8.10, es vulnerable a la validación de entradas (escape de barra diagonal inversa y comilla simple) en la funcionalidad de instalación básica. Esto provoca que un atacante no autenticado pueda ejecutar código PHP en la instalación de la víctima. b2evolution CMS versions 6.6.0 through 6.8.10 suffer from a php code execution vulnerability. • https://github.com/b2evolution/b2evolution/commit/0096a3ebc85f6aadbda2c4427cd092a538b161d2 https://github.com/b2evolution/b2evolution/commit/b899d654d931f3bf3cfbbdd71e0d1a0f3a16d04c • CWE-20: Improper Input Validation •
CVE-2017-5539
https://notcve.org/view.php?id=CVE-2017-5539
The patch for directory traversal (CVE-2017-5480) in b2evolution version 6.8.4-stable has a bypass vulnerability. An attacker can use ..\/ to bypass the filter rule. Then, this attacker can exploit this vulnerability to delete or read any files on the server. It can also be used to determine whether a file exists. El parche para el salto de directorio (CVE-2017-5480) en b2evolution versión 6.8.4-stable tiene una vulnerabilidad eludible. • http://b2evolution.net/downloads/6-8-5 http://www.securityfocus.com/bid/95700 https://github.com/b2evolution/b2evolution/commit/e35f7c195d8c1103d2d981a48cda5ab45ecac48a https://github.com/b2evolution/b2evolution/issues/36 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2017-5553
https://notcve.org/view.php?id=CVE-2017-5553
Cross-site scripting (XSS) vulnerability in plugins/markdown_plugin/_markdown.plugin.php in b2evolution before 6.8.5 allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL. Vulnerabilidad de XSS en plugins/markdown_plugin/_markdown.plugin.php en b2evolution en versiones anteriores a 6.8.5 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de una URL javascript:. • http://b2evolution.net/downloads/6-8-5 http://www.securityfocus.com/bid/95704 https://github.com/b2evolution/b2evolution/commit/ce5b36e44b714b18b0bcd34c6db0187b8d13bab8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-7149
https://notcve.org/view.php?id=CVE-2016-7149
Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to the autolink function. Vulnerabilidad de XSS en b2evolution 6.7.5 y versiones anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores relacionados con la función autolink. • http://www.openwall.com/lists/oss-security/2016/09/12/1 http://www.openwall.com/lists/oss-security/2016/09/15/4 http://www.securityfocus.com/bid/92967 https://github.com/b2evolution/b2evolution/commit/9a4ab85439d1b838ee7b8eeebbf59174bb787811 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-7150
https://notcve.org/view.php?id=CVE-2016-7150
Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the site name. Vulnerabilidad de XSS en b2evolution 6.7.5 y versiones anteriores permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través del nombre del sitio. • http://www.openwall.com/lists/oss-security/2016/09/12/1 http://www.openwall.com/lists/oss-security/2016/09/15/4 http://www.securityfocus.com/bid/92967 https://github.com/b2evolution/b2evolution/commit/dd975fff7fce81bf12f9c59edb1a99475747c83c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •