2 matches found
CVE-2020-20946
Qibosoft v7 contains a stored cross-site scripting XSS vulnerability in the component /admin/index.php?lfj=friendlink=add...
PT-2021-10556 · Qibosoft · Qibosoft
Name of the Vulnerable Software and Affected Versions: Qibosoft version 7 Description: The issue allows attackers to arbitrarily delete files through the /admin/index.php?lfj=mysql&action=del endpoint. The action parameter is used with the value del to perform the deletion. Recommendations: For...