q-cms

Top products

The 12 most recently published vulnerabilities affecting q-cms.

• CVE-2025-50233A vulnerability in QCMS version 6.0.5 allows authenticated users to read arbitrary files from the server due to insufficient validation of the "Name" parameter in the backend template editor. By ma...6.5Aug 6, 2025
• CVE-2020-10578An arbitrary file read vulnerability exists in system/controller/backend/template.php in QCMS v3.0.1.7.5Mar 14, 2020
• CVE-2018-14978An issue was discovered in QCMS 3.0.1. CSRF exists via the backend/user/admin/add.html URI.8.8Aug 6, 2018
• CVE-2018-14977An issue was discovered in QCMS 3.0.1. upload/System/Controller/guest.php has XSS, as demonstrated by the name parameter, a different vulnerability than CVE-2018-8070.6.1Aug 6, 2018
• CVE-2018-14976An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/category.php has XSS.4.8Aug 6, 2018
• CVE-2018-14975An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/album.php has XSS.4.8Aug 6, 2018
• CVE-2018-14974An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/news.php has XSS.4.8Aug 6, 2018
• CVE-2018-14973An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/product.php has XSS.4.8Aug 6, 2018
• CVE-2018-14972An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/down.php has XSS.4.8Aug 6, 2018
• CVE-2018-14971An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/user.php has XSS.4.8Aug 6, 2018
• CVE-2018-14970An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/slideshow.php has XSS.4.8Aug 6, 2018
• CVE-2018-14969An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/system.php has XSS.4.8Aug 6, 2018