Shodan
Vulnerabilities
Vulnerable Software
Bloofox:  >> Bloofoxcms  >> 0.5.2.1  Security Vulnerabilities
CVE-2020-36082
File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote attackers to execute arbitrary code and escalate privileges via crafted webshell file to upload module.
CVSS Score
9.8
EPSS Score
0.016
Published
2023-08-11
CVE-2023-34750
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=projects&action=edit.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-06-14
CVE-2023-34751
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the gid parameter at admin/index.php?mode=user&page=groups&action=edit.
CVSS Score
9.8
EPSS Score
0.332
Published
2023-06-14
CVE-2023-34752
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings&page=lang&action=edit.
CVSS Score
9.8
EPSS Score
0.302
Published
2023-06-14
CVE-2023-34753
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the tid parameter at admin/index.php?mode=settings&page=tmpl&action=edit.
CVSS Score
9.8
EPSS Score
0.332
Published
2023-06-14
CVE-2023-34754
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings&page=plugins&action=edit.
CVSS Score
9.8
EPSS Score
0.103
Published
2023-06-14
CVE-2023-34755
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the userid parameter at admin/index.php?mode=user&action=edit.
CVSS Score
9.8
EPSS Score
0.332
Published
2023-06-14
CVE-2023-34756
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=charset&action=edit.
CVSS Score
9.8
EPSS Score
0.332
Published
2023-06-14
CVE-2023-23151
bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file deletion vulnerability via the component /include/inc_content_media.php.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-01-26
CVE-2022-28528
bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?mode=content&page=media&action=edit.
CVSS Score
8.8
EPSS Score
0.004
Published
2022-04-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved