SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows remote malicious users to execute arbitrary SQL commands via the gender parameter.
bloofox bloofoxcms 0.3.5