CVE-2017-5480
https://notcve.org/view.php?id=CVE-2017-5480
Directory traversal vulnerability in inc/files/files.ctrl.php in b2evolution through 6.8.3 allows remote authenticated users to read or delete arbitrary files by leveraging back-office access to provide a .. (dot dot) in the fm_selected array parameter. • http://www.securityfocus.com/bid/95454 https://github.com/b2evolution/b2evolution/commit/26841d9c81f27ad23b2f6e4bd5eaec7f2f58dfe0 https://github.com/b2evolution/b2evolution/issues/35 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
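The entry above describes an array of user-selected file names that is joined onto the media root without confinement. The following is an added example (not code from b2evolution or from this page) of the check a file manager needs for such an array: every entry is normalised against the root and rejected if the result leaves it, which also covers absolute paths and '..' hidden behind './'. The root path and the function names are assumptions for illustration.

```python
import os
from typing import List

# Constructed example root; a real deployment uses its configured media directory.
MEDIA_ROOT = "/srv/b2evolution/media"


class TraversalError(ValueError):
    """Raised when a selected entry would escape the permitted root."""


def resolve_selected(root: str, selected: List[str]) -> List[str]:
    """Map each user-supplied selection (an fm_selected-style array) to an
    absolute path, refusing any entry whose normalised path is not strictly
    inside `root`.

    Comparing the normalised path with the root is stronger than scanning the
    string for '..': it catches absolute entries (which os.path.join lets
    replace the root), './../' variants and the root itself. On a live
    filesystem use os.path.realpath instead of normpath so symlinks cannot
    point the resolved path outside the root either; normpath is used here so
    the example runs without touching the disk.
    """
    root_abs = os.path.abspath(root)
    resolved = []
    for entry in selected:
        if not isinstance(entry, str) or entry == "":
            raise TraversalError(f"invalid selection: {entry!r}")
        candidate = os.path.normpath(os.path.join(root_abs, entry))
        if candidate == root_abs:
            # Selecting the root itself would let a delete action remove it.
            raise TraversalError(f"selection is the media root: {entry!r}")
        if os.path.commonpath([root_abs, candidate]) != root_abs:
            raise TraversalError(f"selection escapes media root: {entry!r}")
        resolved.append(candidate)
    return resolved


def is_safe_selection(root: str, selected: List[str]) -> bool:
    """Convenience wrapper: True when every entry stays inside the root."""
    try:
        resolve_selected(root, selected)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    print(resolve_selected(MEDIA_ROOT, ["blogs/a/photo.jpg"]))
    print(is_safe_selection(MEDIA_ROOT, ["../../etc/passwd"]))
```

Note that the whole array is validated before any read or delete runs, so one bad entry fails the request instead of being skipped while the others are processed.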
CVE-2017-5494
https://notcve.org/view.php?id=CVE-2017-5494
Multiple cross-site scripting (XSS) vulnerabilities in the file types table in b2evolution through 6.8.3 allow remote authenticated users to inject arbitrary web script or HTML via a .swf file in a (1) comment frame or (2) avatar frame. • http://www.securityfocus.com/bid/95452 https://github.com/b2evolution/b2evolution/commit/261dbd5b294e707af766691e65a177a290314a6e https://github.com/b2evolution/b2evolution/issues/34 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
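The issue above is a file type that executes script when rendered inline being treated as embeddable. As an added example (not the project's code), the policy below decides delivery from an allowlist of raster image extensions: only those are served inline with their real type, while anything else, .swf included, is forced to download under a generic type with sniffing disabled. The allowlist and function names are assumptions for the example.

```python
import os
from typing import Dict

# Constructed allowlist: extensions that may be rendered inline (comment frame,
# avatar slot, <img>), mapped to the MIME type the server will assert for them.
INLINE_IMAGE_TYPES = {
    ".png": "image/png",
    ".jpg": "image/jpeg",
    ".jpeg": "image/jpeg",
    ".gif": "image/gif",
}


def response_headers_for(filename: str) -> Dict[str, str]:
    """Decide how a stored upload is delivered.

    The type is derived from the allowlist, never from the uploader's declared
    type. Files outside the allowlist (.swf, .svg, .html and everything else)
    are sent as attachments with application/octet-stream, so even if a user
    manages to reference one from a frame the browser will not execute it.
    """
    ext = os.path.splitext(filename)[1].lower()
    headers = {"X-Content-Type-Options": "nosniff"}
    if ext in INLINE_IMAGE_TYPES:
        headers["Content-Type"] = INLINE_IMAGE_TYPES[ext]
        headers["Content-Disposition"] = "inline"
    else:
        # Strip path components and quotes so the filename cannot break the header.
        safe_name = os.path.basename(filename).replace('"', "").replace("\\", "")
        headers["Content-Type"] = "application/octet-stream"
        headers["Content-Disposition"] = f'attachment; filename="{safe_name}"'
    return headers


def may_embed_in_frame(filename: str) -> bool:
    """Whether the file manager may place this file in a comment or avatar frame."""
    return response_headers_for(filename)["Content-Disposition"] == "inline"


if __name__ == "__main__":
    for name in ("avatar.png", "avatar.swf", "evil.png.swf", "page.html"):
        print(name, may_embed_in_frame(name), response_headers_for(name))
```

The decision is made on the last extension only, so a name such as `evil.png.swf` does not qualify as an image; for real uploads the server should additionally verify that the bytes decode as the claimed image format before storing them.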
CVE-2016-9479
https://notcve.org/view.php?id=CVE-2016-9479
The "lost password" functionality in b2evolution before 6.7.9 allows remote attackers to reset arbitrary user passwords via a crafted request. • http://b2evolution.net/downloads/6-7-9-stable http://www.securityfocus.com/bid/95006 http://www.securitytracker.com/id/1037393 https://github.com/b2evolution/b2evolution/issues/33 • CWE-255: Credentials Management Errors
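The entry does not say which check the reset flow was missing, so the following is an added example (not b2evolution's code) of the properties a lost-password handler must enforce before it accepts a new password: the token is bound to one user on the server side, stored only as an HMAC, compared in constant time, expires, and is single use. A request carrying a valid token for one account therefore cannot reset another account. The server key, data structures and toy password hashing are assumptions for the example.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict

# Constructed server-side key; a real deployment loads it from configuration.
SERVER_KEY = b"constructed-demo-key-not-for-production"
TOKEN_TTL = 3600  # seconds a reset link stays valid


@dataclass
class ResetRecord:
    user_id: int
    token_hash: str   # HMAC of the token; the token itself is only ever mailed out
    expires_at: float


class PasswordResetService:
    def __init__(self, users: Dict[int, str], now: Callable[[], float] = time.time):
        self.users = users                      # user_id -> stored password hash
        self.pending: Dict[int, ResetRecord] = {}
        self.now = now                          # injectable clock for testing expiry

    def _hash_token(self, token: str) -> str:
        return hmac.new(SERVER_KEY, token.encode(), hashlib.sha256).hexdigest()

    def request_reset(self, user_id: int) -> str:
        """Issue a fresh single-use token for exactly one existing user."""
        if user_id not in self.users:
            raise KeyError("unknown user")
        token = secrets.token_urlsafe(32)
        self.pending[user_id] = ResetRecord(
            user_id, self._hash_token(token), self.now() + TOKEN_TTL)
        return token

    def complete_reset(self, user_id: int, token: str, new_password: str) -> bool:
        """Change the password only if the token was issued for *this* user_id,
        is unexpired and unused. Every decision keys on the server-side record,
        never on anything else the request claims about itself."""
        rec = self.pending.get(user_id)
        if rec is None or self.now() > rec.expires_at:
            return False
        if not hmac.compare_digest(rec.token_hash, self._hash_token(token)):
            return False
        del self.pending[user_id]               # single use: consume before updating
        # Toy hash for the example; a real system uses a password hash (argon2, bcrypt).
        self.users[user_id] = hashlib.sha256(new_password.encode()).hexdigest()
        return True


if __name__ == "__main__":
    svc = PasswordResetService({1: "hash-of-old-password", 2: "other"})
    t = svc.request_reset(1)
    print(svc.complete_reset(2, t, "x"))       # token for user 1 rejected for user 2
    print(svc.complete_reset(1, t, "new-pw"))  # accepted once
    print(svc.complete_reset(1, t, "again"))   # already consumed
```

The lookup is by the user the token was issued for, so a request that pairs a genuine token with a different user identifier fails before any comparison happens.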
CVE-2014-9599
https://notcve.org/view.php?id=CVE-2014-9599
Cross-site scripting (XSS) vulnerability in the filemanager in b2evolution before 5.2.1 allows remote attackers to inject arbitrary web script or HTML via the fm_filter parameter to blogs/admin.php. • http://b2evolution.net/downloads/5-2-1-stable http://packetstormsecurity.com/files/129940/CMS-b2evolution-5.2.0-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2015/Jan/48 http://sroesemann.blogspot.de/2014/12/sroeadv-2014-09.html http://sroesemann.blogspot.de/2015/01/report-for-advisory-sroeadv-2014-09.html http://www.securityfocus.com/bid/72052 https://exchange.xforce.ibmcloud.com/vulnerabilities/99891 https://twitter.com/SecLists/status/554937224366546944 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-7352
https://notcve.org/view.php?id=CVE-2013-7352
Cross-site request forgery (CSRF) vulnerability in blogs/admin.php in b2evolution before 4.1.7 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the show_statuses[] parameter, related to CVE-2013-2945. • http://archives.neohapsis.com/archives/bugtraq/2013-05/0004.html http://b2evolution.net/news/2013/04/29/b2evolution-4-1-7-and-5-0-3 http://osvdb.org/show/osvdb/92906 http://packetstormsecurity.com/files/121481/b2evolution-4.1.6-SQL-Injection.html https://www.htbridge.com/advisory/HTB23152 • CWE-352: Cross-Site Request Forgery (CSRF)
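Two defects combine in the entry above: an array parameter reaches SQL text, and the back-office request that does so is not tied to the admin's session. The following added example (not b2evolution's code; the status list, table and session shape are assumptions) shows the two fixes together: values from a show_statuses[]-style array are checked against an allowlist and then bound as placeholders in an IN (...) clause, and the handler refuses the request unless it carries the session's anti-CSRF token. Removing the injection is what takes away the impact; the token check closes the forgery half so an admin's browser cannot be made to issue the request at all.

```python
import hmac
import secrets
import sqlite3
from typing import Dict, Iterable, List, Tuple

# Constructed allowlist of statuses the application knows about.
ALLOWED_STATUSES = ("published", "draft", "private", "deprecated")


def build_status_query(statuses: Iterable[str]) -> Tuple[str, List[str]]:
    """Turn an array of requested statuses into SQL plus bound parameters.

    Every value must be in the allowlist and becomes a '?' placeholder, so the
    array can influence which rows match but never the SQL text itself.
    """
    wanted: List[str] = []
    for s in statuses:
        if not isinstance(s, str) or s not in ALLOWED_STATUSES:
            raise ValueError(f"unknown status: {s!r}")
        if s not in wanted:
            wanted.append(s)
    if not wanted:
        return "SELECT post_id, post_status FROM posts WHERE 0", []
    placeholders = ", ".join("?" for _ in wanted)
    sql = ("SELECT post_id, post_status FROM posts "
           f"WHERE post_status IN ({placeholders}) ORDER BY post_id")
    return sql, wanted


class AdminSession:
    """Minimal session carrying a per-session anti-CSRF token."""

    def __init__(self) -> None:
        self.crumb = secrets.token_hex(16)


def check_crumb(session: AdminSession, submitted: object) -> bool:
    return isinstance(submitted, str) and hmac.compare_digest(session.crumb, submitted)


def handle_list_posts(session: AdminSession, params: Dict[str, object],
                      conn: sqlite3.Connection):
    """Back-office handler: reject requests lacking the session token, then run
    the allowlisted, parameterised query."""
    if not check_crumb(session, params.get("crumb", "")):
        raise PermissionError("missing or invalid CSRF token")
    sql, args = build_status_query(params.get("show_statuses", []))
    return conn.execute(sql, args).fetchall()


def demo_db() -> sqlite3.Connection:
    """In-memory table with constructed rows so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE posts (post_id INTEGER PRIMARY KEY, post_status TEXT)")
    conn.executemany("INSERT INTO posts VALUES (?, ?)",
                     [(1, "published"), (2, "draft"), (3, "private")])
    return conn


if __name__ == "__main__":
    db = demo_db()
    session = AdminSession()
    print(handle_list_posts(session, {"crumb": session.crumb,
                                      "show_statuses": ["published", "private"]}, db))
    try:
        build_status_query(["published') OR 1=1 --"])
    except ValueError as e:
        print("rejected:", e)
```

A value such as `published') OR 1=1 --` never reaches the database driver: it fails the allowlist first, and even a value that passed would be bound as data rather than spliced into the statement.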