QiboCMS is an open-source content management system featured for its unique visualized tags.
QiboCMS does not impose complete filtering for the content of the
hr/listperson.php variable. As a result, the variable may contain any local file. Hackers can upload malicious files by using avatar upload or other features to run PHP code on the website.
Upgrade QiboCMS to the latest version from the official website.