NotCVE - vendor:"Bloofox" product:"Bloofoxcms" version:"0.5.2.1"

Page 2 of 21 results (0.000 seconds)

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

CVE-2023-34750

https://notcve.org/view.php?id=CVE-2023-34750

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=projects&action=edit. • https://ndmcyb.hashnode.dev/bloofox-v0521-was-discovered-to-contain-many-sql-injection-vulnerability • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 1

CVE-2023-34754

https://notcve.org/view.php?id=CVE-2023-34754

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings&page=plugins&action=edit. • https://ndmcyb.hashnode.dev/bloofox-v0521-was-discovered-to-contain-many-sql-injection-vulnerability • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 1

CVE-2023-34756

https://notcve.org/view.php?id=CVE-2023-34756

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=charset&action=edit. • https://ndmcyb.hashnode.dev/bloofox-v0521-was-discovered-to-contain-many-sql-injection-vulnerability • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-23151

https://notcve.org/view.php?id=CVE-2023-23151

bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file deletion vulnerability via the component /include/inc_content_media.php. Se descubrió que bloofoxCMS v0.5.2.1 contenía una vulnerabilidad de eliminación de archivos arbitraria a través del componente /include/inc_content_media.php. • https://github.com/alexlang24/bloofoxCMS/issues/17 •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-28528

https://notcve.org/view.php?id=CVE-2022-28528

bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?mode=content&page=media&action=edit. Se ha detectado que bloofoxCMS versión v0.5.2.1, contiene una vulnerabilidad de carga de archivos arbitraria por medio de /admin/index.php?mode=content&page=media&action=edit • https://github.com/alexlang24/bloofoxCMS/issues/14 • CWE-434: Unrestricted Upload of File with Dangerous Type •

1 2 3 4 5