Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ibos Subscribe
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-1278 1 Ibos 1 Ibos 2023-03-14 N/A 6.1 MEDIUM
A vulnerability, which was classified as problematic, has been found in IBOS up to 4.5.5. Affected by this issue is some unknown functionality of the file mobil/index.php. The manipulation of the argument accesstoken leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-222608.
CVE-2020-21786 1 Ibos 1 Ibos 2021-06-30 7.5 HIGH 9.8 CRITICAL
In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /system/modules/dashboard/controllers/CronController.php.
CVE-2020-21785 1 Ibos 1 Ibos 2021-06-30 6.5 MEDIUM 8.8 HIGH
In IBOS 4.5.4 Open, the database backup has Command Injection Vulnerability.
CVE-2020-21783 1 Ibos 1 Ibos 2021-06-30 4.3 MEDIUM 6.1 MEDIUM
In IBOS 4.5.4 the email function has a cross site scripting (XSS) vulnerability in emailbody[content] parameter.
CVE-2018-9130 1 Ibos 1 Ibos 2018-04-18 4.3 MEDIUM 6.1 MEDIUM
IBOS 4.4.3 has XSS via a company full name.