CVE-2021-31632

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-31632
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-31632.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-31632
Published
2021-12-06T22:15:07Z
Modified
2024-09-03T03:49:05.782529Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

b2evolution CMS v7.2.3 was discovered to contain a SQL injection vulnerability via the parameter cfqueryparam in the User login section. This vulnerability allows attackers to execute arbitrary code via a crafted input.

References

Affected packages

Git / github.com/b2evolution/b2evolution

Affected ranges

Type
GIT
Repo
https://github.com/b2evolution/b2evolution
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

Other

6-9-4
6-9-5

6.*

6.0.0-alpha
6.0.0-alpha.1
6.1.2-alpha
6.10.1
6.10.2
6.10.3
6.10.4
6.10.5
6.10.6
6.10.7
6.10.8
6.11.0
6.11.1
6.11.2
6.11.3
6.11.4
6.11.5
6.11.6
6.11.7
6.4.2-beta
6.4.3-beta
6.4.4-beta
6.5.0
6.6.0
6.6.1
6.6.10
6.6.2
6.6.3
6.6.4
6.6.5
6.6.6
6.6.7
6.6.8
6.6.9
6.7.0-alpha
6.7.1-beta
6.7.10
6.7.11
6.7.2
6.7.3
6.7.4
6.7.5
6.7.6
6.7.7
6.7.8
6.7.9
6.8.0-beta
6.8.1
6.8.10
6.8.11
6.8.2
6.8.3
6.8.4
6.8.5
6.8.6
6.8.7
6.8.8
6.8.9
6.9.0-beta
6.9.1-beta
6.9.2-beta
6.9.3
6.9.4
6.9.5
6.9.6
6.9.7

7.*

7.0.1
7.0.1-cemper
7.1.3
7.1.4
7.1.5
7.1.6
7.1.7
7.2.0
7.2.1
7.2.2
7.2.3

v5.*

v5.2.0-stable