CVE-2013-2945 - OpenCVE

SQL injection vulnerability in blogs/admin.php in b2evolution before 4.1.7 allows remote authenticated administrators to execute arbitrary SQL commands via the show_statuses[] parameter. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to execute arbitrary SQL commands.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
B2evolution	B2evolution

Configuration 1 [-]

OR	cpe:2.3:a:b2evolution:b2evolution::::::::
	cpe:2.3:a:b2evolution:b2evolution:4.1.0:::::::*
	cpe:2.3:a:b2evolution:b2evolution:4.1.1:::::::*
	cpe:2.3:a:b2evolution:b2evolution:4.1.2:::::::*
	cpe:2.3:a:b2evolution:b2evolution:4.1.3:::::::*
	cpe:2.3:a:b2evolution:b2evolution:4.1.4:::::::*
	cpe:2.3:a:b2evolution:b2evolution:4.1.5:::::::*

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2013-05/0004.html	Exploit
http://b2evolution.net/news/2013/04/29/b2evolution-4-1-7-and-5-0-3	Patch Vendor Advisory
http://osvdb.org/92905
http://packetstormsecurity.com/files/121481/b2evolution-4.1.6-SQL-Injection.html	Exploit
http://www.securityfocus.com/bid/59599	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/83950
https://www.htbridge.com/advisory/HTB23152	Exploit

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2014-04-02T15:00:00

Updated: 2017-08-28T12:57:01

Reserved: 2013-04-11T00:00:00

Link: CVE-2013-2945

JSON object: View

NVD Information

Status : Modified

Published: 2014-04-02T16:17:06.697

Modified: 2017-08-29T01:33:17.340

Link: CVE-2013-2945

JSON object: View

Redhat Information

No data.

CWE

CWE-89

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-05-01T00:00:00", "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in blogs/admin.php in b2evolution before 4.1.7 allows remote authenticated administrators to execute arbitrary SQL commands via the show_statuses[] parameter. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to execute arbitrary SQL commands."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20130501 SQL Injection in b2evolution", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0004.html"}, {"name": "b2evolution-admin-sql-injection(83950)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83950"}, {"name": "59599", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/59599"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/121481/b2evolution-4.1.6-SQL-Injection.html"}, {"name": "92905", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/92905"}, {"tags": ["x_refsource_MISC"], "url": "http://b2evolution.net/news/2013/04/29/b2evolution-4-1-7-and-5-0-3"}, {"tags": ["x_refsource_MISC"], "url": "https://www.htbridge.com/advisory/HTB23152"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-2945", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SQL injection vulnerability in blogs/admin.php in b2evolution before 4.1.7 allows remote authenticated administrators to execute arbitrary SQL commands via the show_statuses[] parameter. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to execute arbitrary SQL commands."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20130501 SQL Injection in b2evolution", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0004.html"}, {"name": "b2evolution-admin-sql-injection(83950)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83950"}, {"name": "59599", "refsource": "BID", "url": "http://www.securityfocus.com/bid/59599"}, {"name": "http://packetstormsecurity.com/files/121481/b2evolution-4.1.6-SQL-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/121481/b2evolution-4.1.6-SQL-Injection.html"}, {"name": "92905", "refsource": "OSVDB", "url": "http://osvdb.org/92905"}, {"name": "http://b2evolution.net/news/2013/04/29/b2evolution-4-1-7-and-5-0-3", "refsource": "MISC", "url": "http://b2evolution.net/news/2013/04/29/b2evolution-4-1-7-and-5-0-3"}, {"name": "https://www.htbridge.com/advisory/HTB23152", "refsource": "MISC", "url": "https://www.htbridge.com/advisory/HTB23152"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-2945", "datePublished": "2014-04-02T15:00:00", "dateReserved": "2013-04-11T00:00:00", "dateUpdated": "2017-08-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:b2evolution:b2evolution:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B95D379-00DA-41FA-BD90-7A298DC799FD", "versionEndIncluding": "4.1.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:b2evolution:b2evolution:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "744254C5-B523-4B8F-93B4-BE440F45D0FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:b2evolution:b2evolution:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "5634AF1D-1F2F-41A0-8799-128FD246A55F", "vulnerable": true}, {"criteria": "cpe:2.3:a:b2evolution:b2evolution:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "FD69355B-C450-46E8-B693-8AA3A44BD73C", "vulnerable": true}, {"criteria": "cpe:2.3:a:b2evolution:b2evolution:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "C1C718A7-E2EB-4881-98D4-919A32C17DF4", "vulnerable": true}, {"criteria": "cpe:2.3:a:b2evolution:b2evolution:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "39CF7F8F-F078-413E-B36D-268703DC185B", "vulnerable": true}, {"criteria": "cpe:2.3:a:b2evolution:b2evolution:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "E2F17ABF-1DBB-4C68-BB91-A1FC2F6AA0A6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in blogs/admin.php in b2evolution before 4.1.7 allows remote authenticated administrators to execute arbitrary SQL commands via the show_statuses[] parameter. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to execute arbitrary SQL commands."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en blogs/admin.php en b2evolution anterior a 4.1.7 permite a administradores remotos autenticados ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro show_statuses[]. NOTA: esto puede ser aprovechado utilizando CSRF para permitir a atacantes no autenticados ejecutar comandos SQL arbitrarios."}], "id": "CVE-2013-2945", "lastModified": "2017-08-29T01:33:17.340", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-04-02T16:17:06.697", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0004.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://b2evolution.net/news/2013/04/29/b2evolution-4-1-7-and-5-0-3"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/92905"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://packetstormsecurity.com/files/121481/b2evolution-4.1.6-SQL-Injection.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/59599"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83950"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://www.htbridge.com/advisory/HTB23152"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}