CVE-2020-37241

bloofoxCMS 0.5.2.1 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by tricking logged-in users into visiting malicious pages. Attackers can craft hidden forms targeting the admin user creation endpoint to add new administrative accounts...

CVE-2020-37241 bloofoxCMS 0.5.2.1 Cross-Site Request Forgery via user add

bloofoxCMS 0.5.2.1 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by tricking logged-in users into visiting malicious pages. Attackers can craft hidden forms targeting the admin user creation endpoint to add new administrative accounts...

bloofoxCMS 跨站请求伪造漏洞

BloofoxCMS is a PHP-based content management system developed by the BloofoxCMS team. Version 0.5.2.1 of BloofoxCMS has a cross-site request forgeing vulnerability. This vulnerability allows attackers to trick users into accessing malicious pages and performing administrative operations. Attacker...

CVE-2021-47906

BloofoxCMS 0.5.2.1 contains a stored cross-site scripting vulnerability in the articles text parameter that allows authenticated attackers to inject malicious scripts. Attackers can insert malicious javascript payloads in the text field to execute scripts and potentially steal authenticated users...

EUVD-2020-23718

Malware in sbrugna...

CVE-2020-36082

File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote attackers to execute arbitrary code and escalate privileges via crafted webshell file to upload module...

bloofoxCMS 代码问题漏洞

bloofoxCMS is Bloofox bloofoxCMS individual developers of a Php-based text content management system. A file upload vulnerability exists in bloofoxCMS version 0.5.2.1, which stems from the application's lack of valid validation of uploaded files. The vulnerability can be exploited to execute...

CVE-2023-34754

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings&page=plugins&action=edit...

CVE-2023-34752

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings&page=lang&action=edit...

bloofoxCMS SQL注入漏洞

bloofoxCMS is a Php-based text content management system by the individual developer of bloofoxCMS. A security vulnerability exists in bloofoxCMS version v0.5.2.1, which stems from the cid parameter found to contain an SQL injection vulnerability via...

PT-2023-25002 · Bloofox · Bloofox

Name of the Vulnerable Software and Affected Versions: bloofox version 0.5.2.1 Description: The issue is related to a SQL injection vulnerability. It can be exploited via the cid parameter at the "admin/index.php?mode=settings&page=charset&action=edit" endpoint. Recommendations: For bloofox versi...

PT-2023-25000 · Bloofox · Bloofox

Name of the Vulnerable Software and Affected Versions: bloofox version 0.5.2.1 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the pid parameter at the "admin/index.php?mode=settings&page=plugins&action=edit" endpoint. Recommendations: F...

bloofoxCMS SQL注入漏洞

bloofoxCMS is bloofox bloofoxCMS individual developers of a Php-based text content management system. A security vulnerability exists in bloofoxCMS version v0.5.2.1, which stems from a SQL injection vulnerability contained in the lid parameter found via...

PT-2023-24998 · Bloofox · Bloofox

Name of the Vulnerable Software and Affected Versions: bloofox version 0.5.2.1 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the lid parameter at the "admin/index.php?mode=settings&page=lang&action=edit" endpoint. Recommendations: For...

bloofoxCMS SQL注入漏洞

bloofoxCMS is Bloofox bloofoxCMS individual developers of a Php-based text content management system. A SQL injection vulnerability exists in bloofoxCMS version v0.5.2.1, which can be exploited by attackers to obtain sensitive information from the database...

PT-2023-25001 · Bloofox · Bloofox

Name of the Vulnerable Software and Affected Versions: bloofox version 0.5.2.1 Description: The issue is related to a SQL injection vulnerability. It can be exploited via the userid parameter at the "admin/index.php?mode=user&action=edit" endpoint. Recommendations: For bloofox version 0.5.2.1,...

PT-2023-24999 · Bloofox · Bloofox

Name of the Vulnerable Software and Affected Versions: bloofox version 0.5.2.1 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the tid parameter at the "admin/index.php?mode=settings&page=tmpl&action=edit" endpoint. Recommendations: For...

bloofoxCMS SQL注入漏洞

bloofoxCMS is bloofox bloofoxCMS individual developers of a Php-based text content management system. A security vulnerability exists in bloofoxCMS version v0.5.2.1, which stems from a pid parameter found to contain an SQL injection vulnerability via...

CVE-2023-34753

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the tid parameter at admin/index.php?mode=settings&page=tmpl&action=edit...

PT-2023-24996 · Bloofox · Bloofox

Name of the Vulnerable Software and Affected Versions: bloofox version 0.5.2.1 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the cid parameter at the "admin/index.php?mode=settings&page=projects&action=edit" endpoint. Recommendations:...