Vulnerabilities

CVE-2013-7352

by Fred · 02/04/2014

Cross-site request forgery (CSRF) vulnerability in blogs/admin.php in b2evolution before 4.1.7 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the show_statuses[] parameter, related to CVE-2013-2945.

Date published : 2014-04-02

http://archives.neohapsis.com/archives/bugtraq/2013-05/0004.html

http://b2evolution.net/news/2013/04/29/b2evolution-4-1-7-and-5-0-3

Similar

Tags: Cybersecurity Alert