RSS   Vulnerabilities for 'IBOS'   RSS

2021-06-24
 
CVE-2020-21783

CWE-79
 

 
In IBOS 4.5.4 the email function has a cross site scripting (XSS) vulnerability in emailbody[content] parameter.

 
 
CVE-2020-21785

CWE-77
 

 
In IBOS 4.5.4 Open, the database backup has Command Injection Vulnerability.

 
 
CVE-2020-21786

CWE-434
 

 
In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /system/modules/dashboard/controllers/CronController.php.

 
2018-03-30
 
CVE-2018-9130

CWE-79
 

 
IBOS 4.4.3 has XSS via a company full name.

 


Copyright 2024, cxsecurity.com

 

Back to Top