4 matches found
EUVD-2018-6859
Malware in sbrugna...
CVE-2018-8070
QCMS version 3.0 has XSS via the title parameter to the /guest/index.html URI...
Design/Logic Flaw
An issue was discovered in QCMS 3.0.1. upload/System/Controller/guest.php has XSS, as demonstrated by the name parameter, a different vulnerability than CVE-2018-8070...
CVE-2018-14977
CVE-2018-14977 affects QCMS 3.0.1. The vulnerability is a cross-site scripting (XSS) flaw in upload/System/Controller/guest.php, exploitable via the name parameter, as described in the CVE entry and corroborated by related CNVD/RedHat references. The issue is distinct from CVE-2018-8070 (XSS via ...