4 matches found
CVE-2020-20946
Qibosoft v7 contains a stored cross-site scripting XSS vulnerability in the component /admin/index.php?lfj=friendlink&action=add...
CVE-2020-20946
CVE-2020-20946 affects Qibosoft v7 (CMS) with a stored XSS vulnerability in the admin path /admin/index.php?lfj=friendlink&action=add. The root cause is input data not validated in the friendlink/add handler, enabling injected client-side script execution. CVSS metrics indicate a Low to Medium ov...
Qibosoft 跨站脚本漏洞
Qibosoft qibosoft is a content management system CMS from Qibosoft, China. qibosoft has a cross-site scripting vulnerability that originates in the /admin/index.php?lfj=friendlink & action=add link of the admin component of the product. The vulnerability is caused by the...
SQL injection vulnerability in phpaaCMS friendlink.action.php page
phpaaCMS is a simple article management system. A SQL injection vulnerability exists in the friendlink.action.php page of phpaaCMS v0.5, which can be exploited by attackers to obtain sensitive information about the database...