Description
b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup.
Remediation
References
Related Vulnerabilities
Internet Information Services Uncontrolled Resource Consumption Vulnerability (CVE-2009-2521)
WordPress Plugin Newsletter-Send awesome emails from WordPress Cross-Site Scripting (7.8.9)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7832)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5106)