CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-36141

BloofoxCMS 0.5.2.1 allows Unrestricted File Upload vulnerability via bypass MIME Type validation by inserting 'image/jpeg' within the 'Content-Type' header.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.2%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

https://muteb.io/2020/12/29/BloofoxCMS-Multiple-Vulnerabilities.html
https://muteb.io/2020/12/29/BloofoxCMS-Multiple-Vulnerabilities.html

Products affected by CVE-2020-36141

Bloofox » Bloofoxcms » Version: 0.5.2.1

cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-36141

Products

Pricing

Contact Us