CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-9599

Cross-site scripting (XSS) vulnerability in the filemanager in b2evolution before 5.2.1 allows remote attackers to inject arbitrary web script or HTML via the fm_filter parameter to blogs/admin.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.4%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2014-9599

B2evolution » B2evolution » Version: 4.1.0

cpe:2.3:a:b2evolution:b2evolution:4.1.0
B2evolution » B2evolution » Version: 4.1.1

cpe:2.3:a:b2evolution:b2evolution:4.1.1
B2evolution » B2evolution » Version: 4.1.2

cpe:2.3:a:b2evolution:b2evolution:4.1.2
B2evolution » B2evolution » Version: 4.1.3

cpe:2.3:a:b2evolution:b2evolution:4.1.3
B2evolution » B2evolution » Version: 4.1.4

cpe:2.3:a:b2evolution:b2evolution:4.1.4
B2evolution » B2evolution » Version: 4.1.5

cpe:2.3:a:b2evolution:b2evolution:4.1.5
B2evolution » B2evolution » Version: 4.1.6

cpe:2.3:a:b2evolution:b2evolution:4.1.6
B2evolution » B2evolution » Version: 4.1.7

cpe:2.3:a:b2evolution:b2evolution:4.1.7
B2evolution » B2evolution » Version: 5.1.2

cpe:2.3:a:b2evolution:b2evolution:5.1.2
B2evolution » B2evolution » Version: 5.2.0

cpe:2.3:a:b2evolution:b2evolution:5.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-9599

Products

Pricing

Contact Us