Qcms Security Vulnerabilities

CVE-2018-8069

QCMS version 3.0 has XSS via the webname parameter to the /backend/system.html...

CVE-2018-8070

QCMS version 3.0 has XSS via the title parameter to the /guest/index.html...

CVE-2020-10578

An arbitrary file read vulnerability exists in system/controller/backend/template.php in QCMS...

CVE-2018-14977

An issue was discovered in QCMS 3.0.1. upload/System/Controller/guest.php has XSS, as demonstrated by the name parameter, a different vulnerability than...

CVE-2018-14976

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/category.php has...

CVE-2018-14975

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/album.php has...

CVE-2018-14974

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/news.php has...

CVE-2018-14978

An issue was discovered in QCMS 3.0.1. CSRF exists via the backend/user/admin/add.html...

CVE-2018-14970

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/slideshow.php has...

CVE-2018-14969

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/system.php has...

CVE-2018-14973

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/product.php has...

CVE-2018-14971

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/user.php has...

CVE-2018-14972

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/down.php has...