b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup.
{
"source": [
"CPE_RANGE",
"REFERENCES"
],
"cpe": "cpe:2.3:a:b2evolution:b2evolution:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "6.6.0"
},
{
"last_affected": "6.8.10"
}
]
}