2 matches found
QCMS Cross-Site Scripting Vulnerability (CNVD-2019-10281)
QCMS is an open source content management system CMS for creating responsive websites. A cross-site scripting vulnerability exists in upload/System/Controller/backend/news.php in QCMS 3.0.1, which can be exploited by remote attackers to inject arbitrary web script or HTML...
CVE-2018-14974
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/news.php has XSS...