Export limit exceeded: 341145 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 341145 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (12 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-50233 2 Q-cms, Qcms 2 Qcms, Qcms 2025-09-23 6.5 Medium
A vulnerability in QCMS version 6.0.5 allows authenticated users to read arbitrary files from the server due to insufficient validation of the "Name" parameter in the backend template editor. By manipulating the parameter, attackers can perform directory traversal and access sensitive files outside the intended template directory, potentially exposing system configuration, PHP source code, or other sensitive information.
CVE-2020-10578 1 Q-cms 1 Qcms 2024-11-21 7.5 High
An arbitrary file read vulnerability exists in system/controller/backend/template.php in QCMS v3.0.1.
CVE-2018-14978 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. CSRF exists via the backend/user/admin/add.html URI.
CVE-2018-14977 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/guest.php has XSS, as demonstrated by the name parameter, a different vulnerability than CVE-2018-8070.
CVE-2018-14976 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/category.php has XSS.
CVE-2018-14975 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/album.php has XSS.
CVE-2018-14974 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/news.php has XSS.
CVE-2018-14973 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/product.php has XSS.
CVE-2018-14972 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/down.php has XSS.
CVE-2018-14971 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/user.php has XSS.
CVE-2018-14970 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/slideshow.php has XSS.
CVE-2018-14969 1 Q-cms 1 Qcms 2024-11-21 N/A
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/system.php has XSS.