Show filters
13 Total Results
Displaying 11-13 of 13
Sort by:
Attacker Value
Unknown

CVE-2019-5725

Disclosure Date: January 08, 2019 (last updated November 27, 2024)
qibosoft through V7 allows remote attackers to read arbitrary files via the member/index.php main parameter, as demonstrated by SSRF to a URL on the same web site to read a .sql file.
0
0
Attacker Value
Unknown

CVE-2018-18201

Disclosure Date: October 09, 2018 (last updated November 27, 2024)
qibosoft V7.0 allows CSRF via admin/index.php?lfj=member&action=addmember to add a user account.
0
0
Attacker Value
Unknown

CVE-2011-1064

Disclosure Date: February 23, 2011 (last updated October 04, 2023)
SQL injection vulnerability in member/list.php in qibosoft Qi Bo CMS 7 allows remote attackers to execute arbitrary SQL commands via the aidDB[] parameter.
0
0
View More Topics  < Previous