ibos - Security Researcher - Exploit Intelligence Platform

CVE-2023-1278 GITEE LOW php

Ibos < 4.5.5 - XSS

A vulnerability, which was classified as problematic, has been found in IBOS up to 4.5.5. Affected by this issue is some unknown functionality of the file mobil/index.php. The manipulation of the argument accesstoken leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-222608.

1,962 stars

CVSS 3.5

View Code

CVE-2020-21786 GITEE CRITICAL php

Ibos - Unrestricted File Upload

In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /system/modules/dashboard/controllers/CronController.php.

1,962 stars

CVSS 9.8

View Code

CVE-2020-21785 GITEE HIGH php

Ibos - Command Injection

In IBOS 4.5.4 Open, the database backup has Command Injection Vulnerability.

1,962 stars

CVSS 8.8

View Code

CVE-2020-21783 GITEE MEDIUM php

Ibos - XSS

In IBOS 4.5.4 the email function has a cross site scripting (XSS) vulnerability in emailbody[content] parameter.

1,962 stars

CVSS 6.1

View Code