Vulnerabilities > Bloofoxcms > Bloofoxcms > 0.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-01-23 | CVE-2008-0428 | SQL Injection vulnerability in Bloofoxcms 0.3 Multiple SQL injection vulnerabilities in the login function in system/class_permissions.php in bloofoxCMS 0.3 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/index.php. | 7.5 |