CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-44610

Multiple SQL Injection vulnerabilities exist in bloofoxCMS 0.5.2.1 - 0.5.1 via the (1) URLs, (2) lang_id, (3) tmpl_id, (4) mod_rewrite (5) eta_doctype. (6) meta_charset, (7) default_group, and (8) page group parameters in the settings mode in admin/index.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.4%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/alexlang24/bloofoxCMS/issues/13
https://github.com/alexlang24/bloofoxCMS/issues/13

Products affected by CVE-2021-44610

Bloofox » Bloofoxcms » Version: 0.5.1

cpe:2.3:a:bloofox:bloofoxcms:0.5.1
Bloofox » Bloofoxcms » Version: 0.5.2

cpe:2.3:a:bloofox:bloofoxcms:0.5.2
Bloofox » Bloofoxcms » Version: 0.5.2.1

cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-44610

Products

Pricing

Contact Us