15 matches found
EUVD-2020-23367
Malware in sbrugna...
EUVD-2020-23720
Malware in sbrugna...
EUVD-2020-23418
Malware in sbrugna...
EUVD-2020-23416
Malware in sbrugna...
EUVD-2020-23717
Malware in sbrugna...
EUVD-2023-27251
Malicious code in bioql PyPI...
CVE-2020-35709
bloofoxCMS 0.5.2.1 allows admins to upload arbitrary .php files with "Content-Type: application/octet-stream" to ../media/images/ via the admin/index.php?mode=tools=upload URI, aka directory traversal...
CVE-2023-23151
bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file deletion vulnerability via the component /include/inccontentmedia.php...
bloofoxCMS Cross-Site Request Forgery Vulnerability (CNVD-2021-43375)
bloofoxCMS is a free open source PHP + MySQL based Web content management system . A cross-site request forgery vulnerability exists in bloofoxCMS version 0.5.2.1. An attacker can exploit this vulnerability to edit the content of any file...
BloofoxCMS Path Traversal Vulnerability
bloofoxCMS is a free open source PHP + MySQL based Web content management system . A directory traversal vulnerability exists in BloofoxCMS version 0.5.2.1. An attacker can exploit this vulnerability by inserting the '... /' payload into the 'fileurl' parameter to achieve directory traversal...
BloofoxCms File Upload Vulnerability
BloofoxCms is alexlang24 BloofoxCms individual developers of a Php-based text content management system. A code issue exists in BloofoxCMS version 0.5.2.1, which can be exploited to bypass MIME type validation by inserting "image jpeg" in the "Content-Type" header. The vulnerability can be...
BloofoxCMS Cross-Site Request Forgery Vulnerability
BloofoxCMS is a free open source PHP + MySQL based Web content management system . A cross-site request forgery vulnerability exists in BloofoxCMS version 0.5.2.1. An attacker can exploit this vulnerability by using mode=settings&page=editor to change the content of arbitrary files...
BloofoxCMS Cross-Site Scripting Vulnerability (CNVD-2021-40550)
BloofoxCMS is a free and open source web content management system based on PHP+MySQL. A reflective cross-site scripting vulnerability exists in BloofoxCMS version 0.5.2.1. An attacker can exploit this vulnerability by using the fileurl parameter to conduct cross-site scripting attacks...
Unrestricted file upload
BloofoxCMS 0.5.2.1 allows Unrestricted File Upload vulnerability via bypass MIME Type validation by inserting 'image/jpeg' within the 'Content-Type' header...
bloofox-xss.txt
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...