Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

234 matches found

Nuclei
Nucleiadded yesterday18 views

bloofoxCMS v0.5.2.1 - SQL Injection

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the userid parameter at admin/index.php?mode=user&action=edit. id: CVE-2023-34755 info: name: bloofoxCMS v0.5.2.1 - SQL Injection author: theamanrawat severity: critical description: | bloofox v0.5.2.1 was discovered to...

9.8CVSS7.4AI score0.33243EPSS
Exploits1References3
NVD
NVDadded 2026/05/16 4:16 p.m.4 views

CVE-2020-37241

bloofoxCMS 0.5.2.1 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by tricking logged-in users into visiting malicious pages. Attackers can craft hidden forms targeting the admin user creation endpoint to add new administrative accounts...

6.9CVSS0.00019EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/16 3:28 p.m.2 views

CVE-2020-37241

bloofoxCMS 0.5.2.1 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by tricking logged-in users into visiting malicious pages. Attackers can craft hidden forms targeting the admin user creation endpoint to add new administrative accounts...

6.9CVSS5.8AI score0.00019EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2026/05/16 3:28 p.m.31 views

CVE-2020-37241 bloofoxCMS 0.5.2.1 Cross-Site Request Forgery via user add

bloofoxCMS 0.5.2.1 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by tricking logged-in users into visiting malicious pages. Attackers can craft hidden forms targeting the admin user creation endpoint to add new administrative accounts...

6.9CVSS0.00019EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/16 3:28 p.m.6 views

CVE-2020-37241 bloofoxCMS 0.5.2.1 Cross-Site Request Forgery via user add

bloofoxCMS 0.5.2.1 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by tricking logged-in users into visiting malicious pages. Attackers can craft hidden forms targeting the admin user creation endpoint to add new administrative accounts...

6.9CVSS5.8AI score0.00019EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/05/16 12:0 a.m.7 views

PT-2026-41441

bloofoxCMS 0.5.2.1 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by tricking logged-in users into visiting malicious pages. Attackers can craft hidden forms targeting the admin user creation endpoint to add new administrative accounts...

6.9CVSS5.8AI score0.00019EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/05/16 12:0 a.m.6 views

bloofoxCMS 跨站请求伪造漏洞

BloofoxCMS is a PHP-based content management system developed by the BloofoxCMS team. Version 0.5.2.1 of BloofoxCMS has a cross-site request forgeing vulnerability. This vulnerability allows attackers to trick users into accessing malicious pages and performing administrative operations. Attacker...

6.9CVSS5.8AI score0.00019EPSS
Exploits0References1
OSV
OSVadded 2026/01/23 5:16 p.m.0 views

CVE-2021-47906

BloofoxCMS 0.5.2.1 contains a stored cross-site scripting vulnerability in the articles text parameter that allows authenticated attackers to inject malicious scripts. Attackers can insert malicious javascript payloads in the text field to execute scripts and potentially steal authenticated users...

5.1CVSS5.8AI score
Exploits0References4
NVD
NVDadded 2026/01/23 5:16 p.m.2 views

CVE-2021-47906

BloofoxCMS 0.5.2.1 contains a stored cross-site scripting vulnerability in the articles text parameter that allows authenticated attackers to inject malicious scripts. Attackers can insert malicious javascript payloads in the text field to execute scripts and potentially steal authenticated users...

6.4CVSS0.00055EPSS
Exploits0References4
CVE
CVEadded 2026/01/23 4:47 p.m.4 views

CVE-2021-47906

CVE-2021-47906 affects BloofoxCMS 0.5.2.1, with a stored cross-site scripting (XSS) vulnerability in the articles text parameter. The root cause is unfiltered user input in the text field, allowing authenticated attackers to inject JavaScript payloads that can execute in other users’ browsers and...

6.4CVSS5.2AI score0.00055EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/01/23 4:47 p.m.29 views

CVE-2021-47906 BloofoxCMS 0.5.2.1 - 'text' Stored Cross Site Scripting

BloofoxCMS 0.5.2.1 contains a stored cross-site scripting vulnerability in the articles text parameter that allows authenticated attackers to inject malicious scripts. Attackers can insert malicious javascript payloads in the text field to execute scripts and potentially steal authenticated users...

6.4CVSS0.00055EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/01/23 4:47 p.m.3 views

CVE-2021-47906 BloofoxCMS 0.5.2.1 - 'text' Stored Cross Site Scripting

BloofoxCMS 0.5.2.1 contains a stored cross-site scripting vulnerability in the articles text parameter that allows authenticated attackers to inject malicious scripts. Attackers can insert malicious javascript payloads in the text field to execute scripts and potentially steal authenticated users...

6.4CVSS5.2AI score0.00055EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/01/23 12:0 a.m.1 views

bloofoxCMS security vulnerabilities

BloofoxCMS is a content management system for text-based data, developed by the individual developer of bloofoxCMS. Version 0.5.2.1 of BloofoxCMS has a security vulnerability; this vulnerability stems from a storage-type XSS vulnerability in the articles text parameter, which may allow for the...

6.4CVSS5.8AI score0.00055EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2020-23416

Malware in sbrugna...

9.8CVSS9.4AI score0.01344EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2010-4835

Malware in sbrugna...

7.5CVSS6.4AI score0.01585EPSS
Exploits1References8
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2007-2305

Malware in sbrugna...

4.3CVSS6.4AI score0.02503EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.0 views

EUVD-2020-23719

Malware in sbrugna...

8.8CVSS8.7AI score0.00423EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2009-4488

Malware in sbrugna...

4.3CVSS6.4AI score0.0278EPSS
Exploits1References6
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2020-23718

Malware in sbrugna...

6.5CVSS6.5AI score0.00194EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2020-23720

Malware in sbrugna...

6.5CVSS6.5AI score0.00392EPSS
Exploits1References2
Rows per page
Query Builder