Known Vulnerabilities for B2evolution Cms by B2evolution
Listed below are 4 of the newest known vulnerabilities associated with "B2evolution Cms" by "B2evolution".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-44036 json | ** DISPUTED ** In b2evolution 7.2.5, if configured with admins_can_manipulate_sensitive_files, arbitrary file upload is allow... | 7.2 - HIGH | 2023-01-03 | 2023-11-07 |
| CVE-2021-31632 json | b2evolution CMS v7.2.3 was discovered to contain a SQL injection vulnerability via the parameter cfqueryparam in the User log... | 9.8 - CRITICAL | 2021-12-06 | 2021-12-07 |
| CVE-2021-31631 json | b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the User login page. This vulnerabil... | 8.8 - HIGH | 2021-12-06 | 2021-12-07 |
| CVE-2020-22839 json | Reflected cross-site scripting vulnerability (XSS) in the evoadm.php file in b2evolution cms version 6.11.6-stable allows rem... | 6.1 - MEDIUM | 2021-02-09 | 2021-02-12 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | B2evolution | B2evolution Cms | 5.2.2 | |||
| Application | B2evolution | B2evolution Cms | 5.2.1 | |||
| Application | B2evolution | B2evolution Cms | 5.2.0 | |||
| Application | B2evolution | B2evolution Cms | 5.1.2 |