CVE-2023-34750
https://notcve.org/view.php?id=CVE-2023-34750
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=projects&action=edit. • https://ndmcyb.hashnode.dev/bloofox-v0521-was-discovered-to-contain-many-sql-injection-vulnerability • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-34754
https://notcve.org/view.php?id=CVE-2023-34754
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings&page=plugins&action=edit. • https://ndmcyb.hashnode.dev/bloofox-v0521-was-discovered-to-contain-many-sql-injection-vulnerability • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-34756
https://notcve.org/view.php?id=CVE-2023-34756
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=charset&action=edit. • https://ndmcyb.hashnode.dev/bloofox-v0521-was-discovered-to-contain-many-sql-injection-vulnerability • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-23151
https://notcve.org/view.php?id=CVE-2023-23151
bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file deletion vulnerability via the component /include/inc_content_media.php. Se descubrió que bloofoxCMS v0.5.2.1 contenía una vulnerabilidad de eliminación de archivos arbitraria a través del componente /include/inc_content_media.php. • https://github.com/alexlang24/bloofoxCMS/issues/17 •
CVE-2022-28528
https://notcve.org/view.php?id=CVE-2022-28528
bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?mode=content&page=media&action=edit. Se ha detectado que bloofoxCMS versión v0.5.2.1, contiene una vulnerabilidad de carga de archivos arbitraria por medio de /admin/index.php?mode=content&page=media&action=edit • https://github.com/alexlang24/bloofoxCMS/issues/14 • CWE-434: Unrestricted Upload of File with Dangerous Type •