Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bloofox bloofoxcms vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-4522
Cross-site scripting (XSS) vulnerability in search.5.html in BloofoxCMS 0.3.5 allows remote malicious users to inject arbitrary web script or HTML via the search parameter to index.php. NOTE: some of these details are obtained from third party information.
Bloofox Bloofoxcms 0.3.5
1 EDB exploit
4
CVSSv2
CVE-2020-35709
bloofoxCMS 0.5.2.1 allows admins to upload arbitrary .php files (with "Content-Type: application/octet-stream") to ../media/images/ via the admin/index.php?mode=tools&page=upload URI, aka directory traversal.
Bloofox Bloofoxcms 0.5.2.1
4.3
CVSSv2
CVE-2020-35759
bloofoxCMS 0.5.2.1 is infected with a CSRF Attack that leads to an attacker editing any file content (Locally/Remotely).
Bloofox Bloofoxcms 0.5.2.1
7.5
CVSSv2
CVE-2020-35760
bloofoxCMS 0.5.2.1 is infected with Unrestricted File Upload that allows malicious users to upload malicious files (ex: php files).
Bloofox Bloofoxcms 0.5.2.1
4
CVSSv2
CVE-2020-35762
bloofoxCMS 0.5.2.1 is infected with Path traversal in the 'fileurl' parameter that allows malicious users to read local files.
Bloofox Bloofoxcms 0.5.2.1
7.5
CVSSv2
CVE-2010-4870
SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows remote malicious users to execute arbitrary SQL commands via the gender parameter.
Bloofox Bloofoxcms 0.3.5
1 EDB exploit
7.5
CVSSv2
CVE-2008-0428
Multiple SQL injection vulnerabilities in the login function in system/class_permissions.php in bloofoxCMS 0.3 allow remote malicious users to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/index.php.
Bloofoxcms Bloofoxcms 0.3
1 EDB exploit
7.8
CVSSv2
CVE-2008-0427
Directory traversal vulnerability in file.php in bloofoxCMS 0.3 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Bloo Bloofoxcms 0.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3