First published: Fri Dec 25 2020(Updated: )
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Bloofox Bloofoxcms | =0.5.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-35709 is a vulnerability in bloofoxCMS 0.5.2.1 that allows admins to upload arbitrary .php files to the media/images directory.
CVE-2020-35709 works by exploiting a directory traversal vulnerability in bloofoxCMS 0.5.2.1.
The severity of CVE-2020-35709 is medium with a CVSS score of 4.9.
To fix CVE-2020-35709, it is recommended to update bloofoxCMS to a version that has addressed the vulnerability.
You can find more information about CVE-2020-35709 on the GitHub issue page: https://github.com/alexlang24/bloofoxCMS/issues/7