q-cms CVE Vulnerabilities & Metrics

Focus on q-cms vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About q-cms Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with q-cms. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total q-cms CVEs: 11
Earliest CVE date: 06 Aug 2018, 15:29 UTC
Latest CVE date: 14 Mar 2020, 20:15 UTC

Latest CVE reference: CVE-2020-10578

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 0

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical q-cms CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 4.01

Max CVSS: 6.8

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range Count
0.0-3.9 8
4.0-6.9 3
7.0-8.9 0
9.0-10.0 0

CVSS Distribution Chart

Top 5 Highest CVSS q-cms CVEs

These are the five CVEs with the highest CVSS scores for q-cms, sorted by severity first and recency.

All CVEs for q-cms

CVE-2020-10578 q-cms vulnerability CVSS: 5.0 14 Mar 2020, 20:15 UTC

An arbitrary file read vulnerability exists in system/controller/backend/template.php in QCMS v3.0.1.

CVE-2018-14978 q-cms vulnerability CVSS: 6.8 06 Aug 2018, 15:29 UTC

An issue was discovered in QCMS 3.0.1. CSRF exists via the backend/user/admin/add.html URI.

CVE-2018-14977 q-cms vulnerability CVSS: 4.3 06 Aug 2018, 15:29 UTC

An issue was discovered in QCMS 3.0.1. upload/System/Controller/guest.php has XSS, as demonstrated by the name parameter, a different vulnerability than CVE-2018-8070.

CVE-2018-14976 q-cms vulnerability CVSS: 3.5 06 Aug 2018, 15:29 UTC

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/category.php has XSS.

CVE-2018-14975 q-cms vulnerability CVSS: 3.5 06 Aug 2018, 15:29 UTC

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/album.php has XSS.

CVE-2018-14974 q-cms vulnerability CVSS: 3.5 06 Aug 2018, 15:29 UTC

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/news.php has XSS.

CVE-2018-14973 q-cms vulnerability CVSS: 3.5 06 Aug 2018, 15:29 UTC

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/product.php has XSS.

CVE-2018-14972 q-cms vulnerability CVSS: 3.5 06 Aug 2018, 15:29 UTC

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/down.php has XSS.

CVE-2018-14971 q-cms vulnerability CVSS: 3.5 06 Aug 2018, 15:29 UTC

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/user.php has XSS.

CVE-2018-14970 q-cms vulnerability CVSS: 3.5 06 Aug 2018, 15:29 UTC

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/slideshow.php has XSS.

CVE-2018-14969 q-cms vulnerability CVSS: 3.5 06 Aug 2018, 15:29 UTC

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/system.php has XSS.