bloofoxCMS 0.5.2.1 is infected with Path traversal in the 'fileurl' parameter that allows attackers to read local files.
Published June 16, 2021.
Bloofox Bloofoxcms