Description
Multiple SQL injection vulnerabilities in the Starrating plugin before 0.7.7 for b2evolution allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
Affected products
- B2Evolution / starrating_plugin0.7.6
- B2Evolution / starrating_plugin0.6 – 0.6
- B2Evolution / starrating_plugin0.7 – 0.7
- B2Evolution / starrating_plugin0.7.5 – 0.7.5