CVE-2016-8901

CVE-2016-8901

EPSS 2.7%

b2evolution 6.7.6 suffer from an Object Injection vulnerability in /htsrv/call_plugin.php.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/b2evolution/b2evolution/commit/25c21cf9cc4261324001f9039509710b37ee2c4d https://github.com/b2evolution/b2evolution/commit/999b5ad1d59760d7e450ceb541f55432fc74cd27 http://www.openwall.com/lists/oss-security/2016/09/30/3