78 matches found
EUVD-2020-9951
Malware in sbrugna...
EUVD-2023-30826
Malicious code in bioql PyPI...
EUVD-2025-4510
Malicious code in bioql PyPI...
EUVD-2024-16992
Malicious code in bioql PyPI...
CVE-2023-27037
Qibosoft QiboCMS v7 was discovered to contain a remote code execution RCE vulnerability via the GetTitle function at labelsetrs.php...
CVE-2020-18022
Cross Site Scripting XSS in Qibosoft QiboCMS v7 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information by injecting arbitrary commands in a HTTP request to the "ewebeditor\3.1.1\kindeditor.js" component...
CVE-2025-22973
An issue in QiboSoft QiboCMS X1.0 allows a remote attacker to obtain sensitive information via the httpcurl function in the '/application/common. php' file that directly retrieves the URL request response content...
CVE-2025-22973
An issue in QiboSoft QiboCMS X1.0 allows a remote attacker to obtain sensitive information via the httpcurl function in the '/application/common. php' file that directly retrieves the URL request response content...
CVE-2025-22973
An issue in QiboSoft QiboCMS X1.0 allows a remote attacker to obtain sensitive information via the httpcurl function in the '/application/common. php' file that directly retrieves the URL request response content...
Qibosoft QiboCMS 安全漏洞
Qibosoft QiboCMS is an application software from China Qibosoft Qibosoft company. A website builder CMS. A security vulnerability exists in Qibosoft QiboCMS version X1.0, which originates from the ability to retrieve sensitive information by directly retrieving the URL request response content vi...
CVE-2025-22973
An issue in QiboSoft QiboCMS X1.0 allows a remote attacker to obtain sensitive information via the httpcurl function in the '/application/common. php' file that directly retrieves the URL request response content...
CVE-2025-22973
CVE-2025-22973 affects QiboSoft QiboCMS X1.0. The vulnerability is caused by the http_curl() function in /application/common.php, which directly retrieves the URL request response content, enabling a remote attacker to disclose sensitive information. The CVSS v3.1 vector indicates Network access,...
PT-2025-7543 · Qibosoft · Qibocms
Name of the Vulnerable Software and Affected Versions: QiboSoft QiboCMS version X1.0 Description: An issue in QiboSoft QiboCMS allows a remote attacker to obtain sensitive information via the http curl function in the '/application/common.php' file that directly retrieves the URL request response...
CVE-2024-1225
A vulnerability classified as critical was found in QiboSoft QiboCMS X1 up to 1.0.6. Affected by this vulnerability is the function rmbpay of the file /application/index/controller/Pay.php. The manipulation of the argument callbackclass leads to deserialization. The attack can be launched remotel...
CVE-2024-1225
A vulnerability classified as critical was found in QiboSoft QiboCMS X1 up to 1.0.6. Affected by this vulnerability is the function rmbpay of the file /application/index/controller/Pay.php. The manipulation of the argument callbackclass leads to deserialization. The attack can be launched remotel...
CVE-2024-1225
A vulnerability classified as critical was found in QiboSoft QiboCMS X1 up to 1.0.6. Affected by this vulnerability is the function rmbpay of the file /application/index/controller/Pay.php. The manipulation of the argument callbackclass leads to deserialization. The attack can be launched remotel...
Deserialization of untrusted data
A vulnerability classified as critical was found in QiboSoft QiboCMS X1 up to 1.0.6. Affected by this vulnerability is the function rmbpay of the file /application/index/controller/Pay.php. The manipulation of the argument callbackclass leads to deserialization. The attack can be launched remotel...
CVE-2024-1225
CVE-2024-1225 affects QiboSoft QiboCMS X1 up to 1.0.6. The vulnerability resides in the Pay.php function rmb_pay, where manipulating the callback_class argument leads to deserialization. The issue can be exploited remotely and has been publicly disclosed. Connected sources consistently describe a...
CVE-2024-1225 QiboSoft QiboCMS X1 Pay.php rmb_pay deserialization
A vulnerability classified as critical was found in QiboSoft QiboCMS X1 up to 1.0.6. Affected by this vulnerability is the function rmbpay of the file /application/index/controller/Pay.php. The manipulation of the argument callbackclass leads to deserialization. The attack can be launched remotel...
CVE-2024-1225 QiboSoft QiboCMS X1 Pay.php rmb_pay deserialization
A vulnerability classified as critical was found in QiboSoft QiboCMS X1 up to 1.0.6. Affected by this vulnerability is the function rmbpay of the file /application/index/controller/Pay.php. The manipulation of the argument callbackclass leads to deserialization. The attack can be launched remotel...