← Back

Qibocms

qibocms

Vendor: Qibosoft • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-27037
1Qibosoft
1Qibocms
Nov 21, 2024
Mar 16, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Qibosoft QiboCMS v7 was discovered to contain a remote code execution (RCE) vulnerability via the Get_Title function at label_set_rs.php
CVE-2020-18022
1Qibosoft
1Qibocms
Nov 21, 2024
Apr 28, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross Site Scripting (XSS) in Qibosoft QiboCMS v7 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information by injecting arbitrary commands in a HTTP request to the "ewebeditor\3.1.1\k...Show more
Cross Site Scripting (XSS) in Qibosoft QiboCMS v7 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information by injecting arbitrary commands in a HTTP request to the "ewebeditor\3.1.1\kindeditor.js" component.Show less