CNNVD-202601-1810 Information

CNNVD ID

CNNVD-202601-1810

Related CVE

CVE-2021-41074

• CNNVD Published: 2026-01-12

Description (Chinese)

QloApps是QloApps开源的一个酒店管理和预订系统。 QloApps1.5.1版本存在安全漏洞，该漏洞源于index.php存在跨站请求伪造问题，可能导致攻击者通过特制HTML文档更改管理员电子邮件地址。

Description (English)

QloApps is a hotel management and reservation system for QloApps. The security gap in version 1.5.1 of QloApps stems from the problem of cross-site requests for forgery, which may result in the aggressor changing the administrator ’ s e-mail address through a customized HTML file.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

QloApps

Published

2026-01-12

Last Modified

2026-02-24

References

https://github.com/dillonkirsch/CVE-2021-41074 https://qloapps.com/ https://access.redhat.com/security/cve/cve-2021-41074