Vulnerabilities > Qibosoft > Qibocms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-16 | CVE-2023-27037 | SQL Injection vulnerability in Qibosoft Qibocms V7 Qibosoft QiboCMS v7 was discovered to contain a remote code execution (RCE) vulnerability via the Get_Title function at label_set_rs.php | 8.8 |
| 2021-04-28 | CVE-2020-18022 | Cross-site Scripting vulnerability in Qibosoft Qibocms V7 Cross Site Scripting (XSS) in Qibosoft QiboCMS v7 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information by injecting arbitrary commands in a HTTP request to the "ewebeditor\3.1.1\kindeditor.js" component. | 4.3 |