Vulnerabilities > Bloofox > Bloofoxcms > 0.5.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-24 | CVE-2021-44608 | Cross-site Scripting vulnerability in Bloofox Bloofoxcms 0.5.1/0.5.2/0.5.2.1 Multiple Cross Site Scripting (XSS) vulnerabilities exists in bloofoxCMS 0.5.2.1 - 0.5.1 via the (1) file parameter and (2) type parameter in an edit action in index.php. | 5.4 |
| 2022-02-24 | CVE-2021-44610 | SQL Injection vulnerability in Bloofox Bloofoxcms 0.5.1/0.5.2/0.5.2.1 Multiple SQL Injection vulnerabilities exist in bloofoxCMS 0.5.2.1 - 0.5.1 via the (1) URLs, (2) lang_id, (3) tmpl_id, (4) mod_rewrite (5) eta_doctype. | 9.8 |