Filtered by vendor Bloofox
Subscriptions
Filtered by product Bloofoxcms
Subscriptions
Total
26 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-34754 | 2 Apple, Bloofox | 2 Macos, Bloofoxcms | 2024-08-02 | 9.8 Critical |
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings&page=plugins&action=edit. | ||||
CVE-2023-34751 | 2 Apple, Bloofox | 2 Macos, Bloofoxcms | 2024-08-02 | 9.8 Critical |
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the gid parameter at admin/index.php?mode=user&page=groups&action=edit. | ||||
CVE-2023-34755 | 2 Apple, Bloofox | 2 Macos, Bloofoxcms | 2024-08-02 | 9.8 Critical |
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the userid parameter at admin/index.php?mode=user&action=edit. | ||||
CVE-2023-29597 | 1 Bloofox | 1 Bloofoxcms | 2024-08-02 | 8.8 High |
bloofox v0.5.2 was discovered to contain a SQL injection vulnerability via the component /index.php?mode=content&page=pages&action=edit&eid=1. | ||||
CVE-2023-27812 | 1 Bloofox | 1 Bloofoxcms | 2024-08-02 | 9.1 Critical |
bloofox v0.5.2 was discovered to contain an arbitrary file deletion vulnerability via the delete_file() function. | ||||
CVE-2023-23151 | 1 Bloofox | 1 Bloofoxcms | 2024-08-02 | 6.5 Medium |
bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file deletion vulnerability via the component /include/inc_content_media.php. |