Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-1278 | 1 Ibos | 1 Ibos | 2024-05-17 | 4.0 MEDIUM | 6.1 MEDIUM |
| A vulnerability, which was classified as problematic, has been found in IBOS up to 4.5.5. Affected by this issue is some unknown functionality of the file mobil/index.php. The manipulation of the argument accesstoken leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-222608. | |||||
| CVE-2020-21786 | 1 Ibos | 1 Ibos | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /system/modules/dashboard/controllers/CronController.php. | |||||
| CVE-2020-21785 | 1 Ibos | 1 Ibos | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
| In IBOS 4.5.4 Open, the database backup has Command Injection Vulnerability. | |||||
| CVE-2020-21783 | 1 Ibos | 1 Ibos | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| In IBOS 4.5.4 the email function has a cross site scripting (XSS) vulnerability in emailbody[content] parameter. | |||||
| CVE-2018-9130 | 1 Ibos | 1 Ibos | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBOS 4.4.3 has XSS via a company full name. | |||||