Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bloofox vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2020-35762
bloofoxCMS 0.5.2.1 is infected with Path traversal in the 'fileurl' parameter that allows malicious users to read local files.
Bloofox Bloofoxcms 0.5.2.1
NA
CVE-2023-34751
bloofox v0.5.2.1 exists to contain a SQL injection vulnerability via the gid parameter at admin/index.php?mode=user&page=groups&action=edit.
Bloofox Bloofoxcms 0.5.2.1
NA
CVE-2023-34756
bloofox v0.5.2.1 exists to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=charset&action=edit.
Bloofox Bloofoxcms 0.5.2.1
NA
CVE-2023-23151
bloofoxCMS v0.5.2.1 exists to contain an arbitrary file deletion vulnerability via the component /include/inc_content_media.php.
Bloofox Bloofoxcms 0.5.2.1
4.3
CVSSv2
CVE-2020-35759
bloofoxCMS 0.5.2.1 is infected with a CSRF Attack that leads to an attacker editing any file content (Locally/Remotely).
Bloofox Bloofoxcms 0.5.2.1
3.5
CVSSv2
CVE-2020-35761
bloofoxCMS 0.5.2.1 is infected with XSS that allows remote malicious users to execute arbitrary JS/HTML Code.
Bloofox Bloofoxcms 0.5.2.1
NA
CVE-2023-29597
bloofox v0.5.2 exists to contain a SQL injection vulnerability via the component /index.php?mode=content&page=pages&action=edit&eid=1.
Bloofox Bloofoxcms 0.5.2
NA
CVE-2023-27812
bloofox v0.5.2 exists to contain an arbitrary file deletion vulnerability via the delete_file() function.
Bloofox Bloofoxcms 0.5.2
NA
CVE-2020-36082
File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote malicious users to execute arbitrary code and escalate privileges via crafted webshell file to upload module.
Bloofox Bloofoxcms 0.5.2.1
3.5
CVSSv2
CVE-2020-36139
BloofoxCMS 0.5.2.1 allows Reflected Cross-Site Scripting (XSS) vulnerability by inserting a XSS payload within the 'fileurl' parameter.
Bloofox Bloofoxcms 0.5.2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »