CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-07 21:46:40 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
dc3bd6cd71a486f862e7cf4da52fce4cfeb10e52
CVEs-PoC/2013/CVE-2013-2945.md
T
0xMarcio 48a00929ac Removed duplicates
2024-06-18 02:51:15 +02:00

804 B
Raw Blame History

CVE-2013-2945

Description

SQL injection vulnerability in blogs/admin.php in b2evolution before 4.1.7 allows remote authenticated administrators to execute arbitrary SQL commands via the show_statuses[] parameter. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to execute arbitrary SQL commands.

POC

Reference

Github

No PoCs found on GitHub currently.

Reference in New Issue View Git Blame Copy Permalink