SQL injection vulnerability in blogs/htsrv/viewfile.php in b2evolution 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via the root parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 62.9%