BlueCMS v1.6 was discovered to contain a SQL injection vulnerability via the keywords parameter at...
9.8CVSS
9.8AI Score
0.001EPSS
9.8CVSS
9.8AI Score
0.002EPSS
9.8CVSS
9.8AI Score
0.002EPSS
9.8CVSS
9.8AI Score
0.002EPSS
9.8CVSS
9.7AI Score
0.002EPSS
9.8CVSS
8.5AI Score
0.002EPSS
A SQL Injection issue was discovered in BlueCMS 1.6. The variable $ad_id is spliced directly in uploads/admin/ad.php in the admin folder, and is not wrapped in single quotes, resulting in injection around the escape of magic...
9.8CVSS
9.1AI Score
0.002EPSS
BlueCMS 1.6 allows SQL Injection via the user_id parameter in an uploads/admin/user.php?act=edit...
9.8CVSS
8.8AI Score
0.002EPSS
9.8CVSS
8.7AI Score
0.002EPSS
SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send...
9.3AI Score
0.002EPSS