BloofoxCms is a Php-based text content management system from alexlang24 personal developer. bloofoxCMS suffers from a cross-site scripting vulnerability that stems from the lack of user-supplied data and output data validation filtering in the file and type parameters in index.php. An attacker could exploit this vulnerability to execute JavaScript code on the client side.