An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/product.php has XSS.
CWE-79
CVE-2018-14974
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/news.php has XSS.
CVE-2018-14975
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/album.php has XSS.
CVE-2018-14976
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/category.php has XSS.
CVE-2018-14977
An issue was discovered in QCMS 3.0.1. upload/System/Controller/guest.php has XSS, as demonstrated by the name parameter, a different vulnerability than CVE-2018-8070.
CVE-2018-14935
The Web administration console on Polycom Trio devices with software before 5.5.4 has XSS.
