Skip to main content

B2Evolution Cms

2 CVEs product

Monthly

CVE-2021-31632 CRITICAL POC Act Now

b2evolution CMS v7.2.3 was discovered to contain a SQL injection vulnerability via the parameter cfqueryparam in the User login section. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi RCE B2Evolution Cms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
CVE-2021-31631 HIGH POC This Week

b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the User login page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF B2Evolution Cms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.5%
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

b2evolution CMS v7.2.3 was discovered to contain a SQL injection vulnerability via the parameter cfqueryparam in the User login section. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi RCE B2Evolution Cms
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the User login page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF B2Evolution Cms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy