Bug 635598 (CVE-2016-7149, CVE-2016-7150, CVE-2017-5480, CVE-2017-5539)

Description GLSAMaker/CVETool Bot 2017-10-27 16:32:22 UTC

CVE-2017-5539 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5539):
  The patch for directory traversal (CVE-2017-5480) in b2evolution version
  6.8.4-stable has a bypass vulnerability. An attacker can use ..\/ to bypass
  the filter rule. Then, this attacker can exploit this vulnerability to
  delete or read any files on the server. It can also be used to determine
  whether a file exists.

CVE-2017-5480 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5480):
  Directory traversal vulnerability in inc/files/files.ctrl.php in b2evolution
  through 6.8.3 allows remote authenticated users to read or delete arbitrary
  files by leveraging back-office access to provide a .. (dot dot) in the
  fm_selected array parameter.

CVE-2016-7150 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7150):
  Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier
  allows remote authenticated users to inject arbitrary web script or HTML via
  the site name.

CVE-2016-7149 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7149):
  Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier
  allows remote attackers to inject arbitrary web script or HTML via vectors
  related to the autolink function.