Cross Site Scripting vulnerability in Qibosoft qibosoft v.7 and before allows a remote attacker to execute arbitrary code via the eindtijd and starttijd parameters of do/search.php.
https://github.com/alorfm/vuln/blob/master/qibosoft_cross_Site_Scripting.md