Download
| Alert*
CVE-2009-4522
Cross-site scripting (XSS) vulnerability in search.5.html in BloofoxCMS 0.3.5 allows remote attackers to inject arbitrary web script or HTML via the search parameter to index.php. NOTE: some of these details are obtained from third party information. CVE-2010-4870 SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows remote attackers to execute arbitrary SQL commands via the gender parameter. |