CVE-2017-1000423

b2evolution version 6.6.0 – 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim’s setup.

Source: CVE-2017-1000423