RSS   Podatności dla 'Bluecms'   RSS

2022-05-03
 
CVE-2022-27962

CWE-89
 
 
Bluecms 1.6 has a SQL injection vulnerability at cooike.

 
2021-09-08
 
CVE-2020-19853

CWE-89
 
 
BlueCMS v1.6 contains a SQL injection vulnerability via /ad_js.php.

 
2019-03-28
 
CVE-2019-10262

CWE-89
 
 
A SQL Injection issue was discovered in BlueCMS 1.6. The variable $ad_id is spliced directly in uploads/admin/ad.php in the admin folder, and is not wrapped in single quotes, resulting in injection around the escape of magic quotes.

 
2019-03-06
 
CVE-2019-9594

CWE-89
 
 
BlueCMS 1.6 allows SQL Injection via the user_id parameter in an uploads/admin/user.php?act=edit request.

 
2018-09-03
 
CVE-2018-16432

CWE-89
 
 
BlueCMS 1.6 allows SQL Injection via the user_name parameter to uploads/user.php?act=index_login.

 

Copyright 2024, cxsecurity.com

 

Back to Top