Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-36140

Disclosure Date: June 04, 2021 (last updated February 22, 2025)
BloofoxCMS 0.5.2.1 allows Cross-Site Request Forgery (CSRF) via 'mode=settings&page=editor', as demonstrated by use of 'mode=settings&page=editor' to change any file content (Locally/Remotely).
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0