Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bloofox bloofoxcms 0.5.2.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-23151
bloofoxCMS v0.5.2.1 exists to contain an arbitrary file deletion vulnerability via the component /include/inc_content_media.php.
Bloofox Bloofoxcms 0.5.2.1
578
VMScore
CVE-2022-28528
bloofoxCMS v0.5.2.1 exists to contain an arbitrary file upload vulnerability via /admin/index.php?mode=content&page=media&action=edit.
Bloofox Bloofoxcms 0.5.2.1
NA
CVE-2020-36082
File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote malicious users to execute arbitrary code and escalate privileges via crafted webshell file to upload module.
Bloofox Bloofoxcms 0.5.2.1
312
VMScore
CVE-2020-36139
BloofoxCMS 0.5.2.1 allows Reflected Cross-Site Scripting (XSS) vulnerability by inserting a XSS payload within the 'fileurl' parameter.
Bloofox Bloofoxcms 0.5.2.1
383
VMScore
CVE-2020-36140
BloofoxCMS 0.5.2.1 allows Cross-Site Request Forgery (CSRF) via 'mode=settings&page=editor', as demonstrated by use of 'mode=settings&page=editor' to change any file content (Locally/Remotely).
Bloofox Bloofoxcms 0.5.2.1
578
VMScore
CVE-2020-36141
BloofoxCMS 0.5.2.1 allows Unrestricted File Upload vulnerability via bypass MIME Type validation by inserting 'image/jpeg' within the 'Content-Type' header.
Bloofox Bloofoxcms 0.5.2.1
356
VMScore
CVE-2020-36142
BloofoxCMS 0.5.2.1 allows Directory traversal vulnerability by inserting '../' payloads within the 'fileurl' parameter.
Bloofox Bloofoxcms 0.5.2.1
NA
CVE-2023-34750
bloofox v0.5.2.1 exists to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=projects&action=edit.
Bloofox Bloofoxcms 0.5.2.1
NA
CVE-2023-34751
bloofox v0.5.2.1 exists to contain a SQL injection vulnerability via the gid parameter at admin/index.php?mode=user&page=groups&action=edit.
Bloofox Bloofoxcms 0.5.2.1
NA
CVE-2023-34752
bloofox v0.5.2.1 exists to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings&page=lang&action=edit.
Bloofox Bloofoxcms 0.5.2.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »