Vulnerabilities > Bluecms Project

DATE CVE VULNERABILITY TITLE RISK
2021-09-08 CVE-2020-19853 SQL Injection vulnerability in Bluecms Project Bluecms 1.6
BlueCMS v1.6 contains a SQL injection vulnerability via /ad_js.php.
network
low complexity
bluecms-project CWE-89
7.5
2019-03-28 CVE-2019-10262 SQL Injection vulnerability in Bluecms Project Bluecms 1.6
A SQL Injection issue was discovered in BlueCMS 1.6.
network
low complexity
bluecms-project CWE-89
7.5
2019-03-06 CVE-2019-9594 SQL Injection vulnerability in Bluecms Project Bluecms 1.6
BlueCMS 1.6 allows SQL Injection via the user_id parameter in an uploads/admin/user.php?act=edit request.
network
low complexity
bluecms-project CWE-89
7.5
2018-09-04 CVE-2018-16432 SQL Injection vulnerability in Bluecms Project Bluecms 1.6
BlueCMS 1.6 allows SQL Injection via the user_name parameter to uploads/user.php?act=index_login.
network
low complexity
bluecms-project CWE-89
7.5
2011-10-08 CVE-2010-4897 SQL Injection vulnerability in Bluecms Project Bluecms 1.6
SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action.
network
low complexity
bluecms-project CWE-89
7.5