EUVD-2024-55347

Quick.CMS 6.7 contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login authentication by manipulating the login form. Attackers can inject specific SQL payloads like ' or '1'='1 to gain unauthorized administrative access to the system...

CVE-2024-58308

Quick.CMS 6.7 contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login authentication by manipulating the login form. Attackers can inject specific SQL payloads like ' or '1'='1 to gain unauthorized administrative access to the system...

EUVD-2009-4092

Malware in sbrugna...

EUVD-2012-3780

Malware in sbrugna...

EUVD-2024-34042

Malicious code in bioql PyPI...

CVE-2020-35754

OpenSolution Quick.CMS 6.7 and Quick.Cart 6.7 allow an authenticated user to perform code injection and consequently Remote Code Execution via the input fields of the Language tab...

CVE-2024-11992

Absolute path traversal vulnerability in Quick.CMS, version 6.7, the exploitation of which could allow remote users to bypass the intended restrictions and download any file if it has the appropriate permissions outside of documentroot configured on the server via the aDirFiles%5B0%5D parameter i...

CVE-2024-11992 Path traversal vulnerability in Quick.CMS

Absolute path traversal vulnerability in Quick.CMS, version 6.7, the exploitation of which could allow remote users to bypass the intended restrictions and download any file if it has the appropriate permissions outside of documentroot configured on the server via the aDirFiles%5B0%5D parameter i...

CVE-2024-11992

CVE-2024-11992 concerns Quick.CMS v6.7. The vulnerability is an absolute path traversal in admin.php reachable via the aDirFiles%5B0%5D parameter, allowing remote attackers to bypass restrictions and download files outside the document root if permissions exist, and potentially delete server file...

CVE-2024-11992 Path traversal vulnerability in Quick.CMS

Absolute path traversal vulnerability in Quick.CMS, version 6.7, the exploitation of which could allow remote users to bypass the intended restrictions and download any file if it has the appropriate permissions outside of documentroot configured on the server via the aDirFiles%5B0%5D parameter i...

Quick.CMS 6.7 SQL Injection

Exploit Title: Quick.CMS 6.7 SQL Injection Login Bypass Google Dork: N/A Date: 02-03-2024 Exploit Author: ./H4X.Forensics - Diyar Vendor Homepage: https://www.opensolution.org Software Link: https://opensolution.org/download/home.html?sFile=Quick.Cmsv6.7-en.zip Version: 6.7 Tested on: Windows CVE...

Quick.CMS 6.7 - SQL Injection Login Bypass Vulnerability

Exploit Title: Quick.CMS 6.7 SQL Injection Login Bypass Exploit Author: ./H4X.Forensics - Diyar Vendor Homepage: https://www.opensolution.org Software Link: https://opensolution.org/download/home.html?sFile=Quick.Cmsv6.7-en.zip Version: 6.7 Tested on: Windows CVE : N/A How to exploit : -- Open...

Quick.CMS 6.7 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: Quick.CMS 6.7 - Cross-site request forgery CSRF to Cross-site Scripting XSS Authenticated Date: 2021-04-21 Exploit Author: Rahad Chowdhury Vendor Homepage: https://opensolution.org/ Software Link: https://opensolution.org/download/home.html?sFile=Quick.Cmsv6.7-en.zip Version: 6.7...

Quick.CMS 6.7 - Cross Site Request Forgery to Cross Site Scripting Vulnerability

Exploit Title: Quick.CMS 6.7 - Cross Site request forgery CSRF to Cross-site Scripting XSS Authenticated Exploit Author: Rahad Chowdhury Vendor Homepage: https://opensolution.org/ Software Link: https://opensolution.org/download/home.html?sFile=Quick.Cmsv6.7-en.zip Version: 6.7 Tested on: Windows...

Quick.CMS 6.7 - Cross Site Request Forgery (CSRF) to Cross Site Scripting (XSS) (Authenticated)

Exploit Title: Quick.CMS 6.7 - Cross Site request forgery CSRF to Cross-site Scripting XSS Authenticated Date: 21/04/2021 Exploit Author: Rahad Chowdhury Vendor Homepage: https://opensolution.org/ Software Link: https://opensolution.org/download/home.html?sFile=Quick.Cmsv6.7-en.zip Version: 6.7...

Quick.CMS 6.7 - Remote Code Execution (Authenticated)

Exploit Title: Quick.CMS 6.7 - Remote Code Execution Authenticated Date: 2020-12-28 Exploit Author: mari0x00 Vendor Homepage: https://opensolution.org/ Software Link: https://opensolution.org/download/?sFile=Quick.Cmsv6.7-pl.zip Description:...

Quick.CMS 6.7 Remote Code Execution

Exploit Title: Quick.CMS 6.7 - Remote Code Execution Authenticated Date: 2020-12-28 Exploit Author: mari0x00 Vendor Homepage: https://opensolution.org/ Software Link: https://opensolution.org/download/?sFile=Quick.Cmsv6.7-pl.zip Description:...

CVE-2020-35754

OpenSolution Quick.CMS 6.7 and Quick.Cart 6.7 allow an authenticated user to perform code injection and consequently Remote Code Execution via the input fields of the Language tab...

Code injection

OpenSolution Quick.CMS 6.7 and Quick.Cart 6.7 allow an authenticated user to perform code injection and consequently Remote Code Execution via the input fields of the Language tab...

CVE-2020-35754

OpenSolution Quick.CMS 6.7 and Quick.Cart 6.7 allow an authenticated user to perform code injection and consequently Remote Code Execution via the input fields of the Language tab...