Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bloofox bloofoxcms vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-44608
Multiple Cross Site Scripting (XSS) vulnerabilities exists in bloofoxCMS 0.5.2.1 - 0.5.1 via the (1) file parameter and (2) type parameter in an edit action in index.php.
Bloofox Bloofoxcms
9.8
CVSSv3
CVE-2021-44610
Multiple SQL Injection vulnerabilities exist in bloofoxCMS 0.5.2.1 - 0.5.1 via the (1) URLs, (2) lang_id, (3) tmpl_id, (4) mod_rewrite (5) eta_doctype. (6) meta_charset, (7) default_group, and (8) page group parameters in the settings mode in admin/index.php.
Bloofox Bloofoxcms
NA
CVE-2010-4870
SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows remote malicious users to execute arbitrary SQL commands via the gender parameter.
Bloofox Bloofoxcms 0.3.5
1 EDB exploit
NA
CVE-2009-4522
Cross-site scripting (XSS) vulnerability in search.5.html in BloofoxCMS 0.3.5 allows remote malicious users to inject arbitrary web script or HTML via the search parameter to index.php. NOTE: some of these details are obtained from third party information.
Bloofox Bloofoxcms 0.3.5
1 EDB exploit
9.8
CVSSv3
CVE-2023-34750
bloofox v0.5.2.1 exists to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=projects&action=edit.
Bloofox Bloofoxcms 0.5.2.1
9.8
CVSSv3
CVE-2023-34751
bloofox v0.5.2.1 exists to contain a SQL injection vulnerability via the gid parameter at admin/index.php?mode=user&page=groups&action=edit.
Bloofox Bloofoxcms 0.5.2.1
9.8
CVSSv3
CVE-2023-34752
bloofox v0.5.2.1 exists to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings&page=lang&action=edit.
Bloofox Bloofoxcms 0.5.2.1
9.8
CVSSv3
CVE-2023-34753
bloofox v0.5.2.1 exists to contain a SQL injection vulnerability via the tid parameter at admin/index.php?mode=settings&page=tmpl&action=edit.
Bloofox Bloofoxcms 0.5.2.1
9.8
CVSSv3
CVE-2023-34754
bloofox v0.5.2.1 exists to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings&page=plugins&action=edit.
Bloofox Bloofoxcms 0.5.2.1
9.8
CVSSv3
CVE-2023-34755
bloofox v0.5.2.1 exists to contain a SQL injection vulnerability via the userid parameter at admin/index.php?mode=user&action=edit.
Bloofox Bloofoxcms 0.5.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »