Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bloofox bloofoxcms vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-44610
Multiple SQL Injection vulnerabilities exist in bloofoxCMS 0.5.2.1 - 0.5.1 via the (1) URLs, (2) lang_id, (3) tmpl_id, (4) mod_rewrite (5) eta_doctype. (6) meta_charset, (7) default_group, and (8) page group parameters in the settings mode in admin/index.php.
Bloofox Bloofoxcms
3.5
CVSSv2
CVE-2021-44608
Multiple Cross Site Scripting (XSS) vulnerabilities exists in bloofoxCMS 0.5.2.1 - 0.5.1 via the (1) file parameter and (2) type parameter in an edit action in index.php.
Bloofox Bloofoxcms
NA
CVE-2023-29597
bloofox v0.5.2 exists to contain a SQL injection vulnerability via the component /index.php?mode=content&page=pages&action=edit&eid=1.
Bloofox Bloofoxcms 0.5.2
NA
CVE-2023-34753
bloofox v0.5.2.1 exists to contain a SQL injection vulnerability via the tid parameter at admin/index.php?mode=settings&page=tmpl&action=edit.
Bloofox Bloofoxcms 0.5.2.1
NA
CVE-2023-34754
bloofox v0.5.2.1 exists to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings&page=plugins&action=edit.
Bloofox Bloofoxcms 0.5.2.1
NA
CVE-2023-34755
bloofox v0.5.2.1 exists to contain a SQL injection vulnerability via the userid parameter at admin/index.php?mode=user&action=edit.
Bloofox Bloofoxcms 0.5.2.1
NA
CVE-2023-34756
bloofox v0.5.2.1 exists to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=charset&action=edit.
Bloofox Bloofoxcms 0.5.2.1
6.5
CVSSv2
CVE-2022-28528
bloofoxCMS v0.5.2.1 exists to contain an arbitrary file upload vulnerability via /admin/index.php?mode=content&page=media&action=edit.
Bloofox Bloofoxcms 0.5.2.1
NA
CVE-2023-27812
bloofox v0.5.2 exists to contain an arbitrary file deletion vulnerability via the delete_file() function.
Bloofox Bloofoxcms 0.5.2
4.3
CVSSv2
CVE-2008-5748
Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php in BloofoxCMS 0.3.4 allows remote malicious users to read arbitrary files via the (1) lang, (2) theme, and (3) module parameters.
Bloofox Bloofoxcms 0.3.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »