9.8CVSS
9.8AI Score
0.002EPSS
BlueCMS v1.6 was discovered to contain a SQL injection vulnerability via the keywords parameter at...
9.8CVSS
9.7AI Score
0.001EPSS
SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send...
8.6AI Score
0.002EPSS
9.8CVSS
9.8AI Score
0.002EPSS
9.8CVSS
9.8AI Score
0.002EPSS
9.8CVSS
9.9AI Score
0.002EPSS
9.8CVSS
9.7AI Score
0.002EPSS
9.8CVSS
9.7AI Score
0.002EPSS
A SQL Injection issue was discovered in BlueCMS 1.6. The variable $ad_id is spliced directly in uploads/admin/ad.php in the admin folder, and is not wrapped in single quotes, resulting in injection around the escape of magic...
9.8CVSS
9.9AI Score
0.002EPSS
BlueCMS 1.6 allows SQL Injection via the user_id parameter in an uploads/admin/user.php?act=edit...
9.8CVSS
9.8AI Score
0.002EPSS