Vulnerabilities > Bloofox > Bloofoxcms > 0.5.2.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-25 | CVE-2020-35709 | Path Traversal vulnerability in Bloofox Bloofoxcms 0.5.2.1 bloofoxCMS 0.5.2.1 allows admins to upload arbitrary .php files (with "Content-Type: application/octet-stream") to ../media/images/ via the admin/index.php?mode=tools&page=upload URI, aka directory traversal. | 4.0 |