SQL Injection Vulnerabilities in Starrating Plugin for b2evolution
CVE-2009-1657

Currently unrated

Key Information:

Vendor: B2evolution
Status: Starrating Plugin
Vendor: CVE Published:; 18 May 2009

🔔 Create B2evolution Vulnerability Alert

What is CVE-2009-1657?

The Starrating plugin for b2evolution before version 0.7.7 is susceptible to multiple SQL injection vulnerabilities. These weaknesses enable remote attackers to execute arbitrary SQL commands through unspecified methods. Successful exploitation could lead to unauthorized access to the underlying database, data leakage, or manipulation of critical data. It is essential for users of the Starrating plugin to upgrade to the latest version to mitigate these risks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/50417

vdb-entryx_refsource_XF

http://sourceforge.net/project/shownotes.php?release_id=6...

x_refsource_CONFIRM

http://osvdb.org/54369

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
May 18, 2009
Vulnerability Reserved
May 17, 2009

JSON