Vulnerabilities > Ibos

DATE CVE VULNERABILITY TITLE RISK
2023-03-30 CVE-2023-1744 Unrestricted Upload of File with Dangerous Type vulnerability in Ibos
A vulnerability classified as critical was found in IBOS 4.5.5.
network
low complexity
ibos CWE-434
8.8
2023-03-30 CVE-2023-1742 SQL Injection vulnerability in Ibos
A vulnerability was found in IBOS 4.5.5.
network
low complexity
ibos CWE-89
8.8
2023-03-18 CVE-2023-1494 SQL Injection vulnerability in Ibos 4.5.5
A vulnerability classified as critical has been found in IBOS 4.5.5.
network
low complexity
ibos CWE-89
critical
9.8
2023-03-08 CVE-2023-1278 Cross-site Scripting vulnerability in Ibos
A vulnerability, which was classified as problematic, has been found in IBOS up to 4.5.5.
network
low complexity
ibos CWE-79
6.1
2021-06-24 CVE-2020-21783 Cross-site Scripting vulnerability in Ibos 4.5.4
In IBOS 4.5.4 the email function has a cross site scripting (XSS) vulnerability in emailbody[content] parameter.
network
low complexity
ibos CWE-79
6.1
2021-06-24 CVE-2020-21785 Command Injection vulnerability in Ibos 4.5.4
In IBOS 4.5.4 Open, the database backup has Command Injection Vulnerability.
network
low complexity
ibos CWE-77
8.8
2021-06-24 CVE-2020-21786 Unrestricted Upload of File with Dangerous Type vulnerability in Ibos 4.5.4
In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /system/modules/dashboard/controllers/CronController.php.
network
low complexity
ibos CWE-434
critical
9.8
2018-03-30 CVE-2018-9130 Cross-site Scripting vulnerability in Ibos 4.4.3
IBOS 4.4.3 has XSS via a company full name.
network
low complexity
ibos CWE-79
6.1