Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qibosoft qibosoft 7.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-17613
qibosoft 7 allows remote code execution because do/jf.php makes eval calls. The attacker can use the Point Introduction Management feature to supply PHP code to be evaluated. Alternatively, the attacker can access admin/index.php?lfj=jfadmin&action=addjf via CSRF, as demonstr...
Qibosoft Qibosoft 7.0
8.8
CVSSv3
CVE-2018-18201
qibosoft V7.0 allows CSRF via admin/index.php?lfj=member&action=addmember to add a user account.
Qibosoft Qibosoft 7.0
6.1
CVSSv3
CVE-2020-20808
Cross Site Scripting vulnerability in Qibosoft qibosoft v.7 and before allows a remote malicious user to execute arbitrary code via the eindtijd and starttijd parameters of do/search.php.
Qibosoft Qibosoft 7.0
4.3
CVSSv3
CVE-2020-20943
A Cross-Site Request Forgery (CSRF) in /member/post.php?job=postnew&step=post of Qibosoft v7 allows malicious users to force victim users into arbitrarily publishing new articles via a crafted URL.
Qibosoft Qibosoft 7.0
9.1
CVSSv3
CVE-2020-20944
An issue in /admin/index.php?lfj=mysql&action=del of Qibosoft v7 allows malicious users to arbitrarily delete files.
Qibosoft Qibosoft 7.0
8.8
CVSSv3
CVE-2020-20945
A Cross-Site Request Forgery (CSRF) in /admin/index.php?lfj=member&action=editmember of Qibosoft v7 allows malicious users to arbitrarily add administrator accounts.
Qibosoft Qibosoft 7.0
5.4
CVSSv3
CVE-2020-20946
Qibosoft v7 contains a stored cross-site scripting (XSS) vulnerability in the component /admin/index.php?lfj=friendlink&action=add.
Qibosoft Qibosoft 7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started