60 matches found
Quick.CMS 4.0 - p Cross-Site Scripting
Quick.CMS 4.0 - p Cross-Site Scripting source: https://www.securityfocus.com/bid/53273/info Quick.CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of ...
Quick.CMS 4.0 Cross Site Scripting
TITLE ....... Quick.Cmsv4.0 XSS-over-GET ..................................... DATE ........ 18.03.2012 .......................................... AUTOHR ...... http://hauntit.blogspot.com ......................... SOFT LINK ... http://opensolution.org/ ................................. VERSION...
Quick.CMS 4.0 - 'p' Cross-Site Scripting
source: https://www.securityfocus.com/bid/53273/info Quick.CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
Quick CMS v3.0 Cross Site Request Forgery (Add Admin User)
Exploit for php platform in category web applications + Exploit Title: Quick CMS v3.0 Cross Site Request Forgery Add Admin User + Author : ^Xecuti0n3r + E-mail : xecuti0n3ryahoo.com + Category : Web Apps XSRF + Dork : intext:"Quick.Cms v3.0" inurl:admin.php + Demo CMS Link:...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Quick.CMS 2.4 and Quick.CMS.Lite 2.4 allow remote attackers to hijack the authentication of the administrator for requests that 1 delete web pages via a p-delete action to admin.php, and possibly 2 delete products or 3 delete orders via...
CVE-2009-4121
Multiple cross-site request forgery CSRF vulnerabilities in Quick.CMS 2.4 and Quick.CMS.Lite 2.4 allow remote attackers to hijack the authentication of the administrator for requests that 1 delete web pages via a p-delete action to admin.php, and possibly 2 delete products or 3 delete orders via...
CVE-2009-4121
Multiple cross-site request forgery CSRF vulnerabilities in Quick.CMS 2.4 and Quick.CMS.Lite 2.4 allow remote attackers to hijack the authentication of the administrator for requests that 1 delete web pages via a p-delete action to admin.php, and possibly 2 delete products or 3 delete orders via...
CVE-2009-4121
CVE-2009-4121 refers to multiple CSRF vulnerabilities in Quick.CMS 2.4 and Quick.CMS.Lite 2.4 . The flaws allow remote attackers to hijack an administrator’s authenticated session to perform actions such as (1) deleting web pages via a p-delete action to admin.php, and possibly (2) deleting produ...
Quick.Cart / Quick.CMS XSRF
Systems Affected: Quick.Cart 3.4 other versions untested, Quick.CMS 2.4 other versions untested Severity: Medium Vendor: http://opensolution.org/ Author: Alice Kaerast 0. Timeline 25-10-2009 Vulnerability discovered 26-10-2009 Vendor contacted 23-11-2009 No response from vendor, report published ...
Quick.Cart 3.4 / Quick.CMS 2.4 - Delete Function Cross-Site Request Forgery
source: https://www.securityfocus.com/bid/37115/info Quick.Cart and Quick.CMS are prone to a cross-site request-forgery vulnerability because the applications allow users to bypass certain security checks. Exploiting this issue may allow a remote attacker to perform certain administrative actions...
Quick.Cart 3.4 / Quick.CMS 2.4 - Cross-Site Request Forgery
Systems Affected: Quick.Cart 3.4 other versions untested, Quick.CMS 2.4 other versions untested Severity: Medium Vendor: http://opensolution.org/ Author: Alice Kaerast 0. Timeline 25-10-2009 Vulnerability discovered 26-10-2009 Vendor contacted 23-11-2009 No response from vendor, report published ...
Quick.Cart 3.4 Quick.CMS 2.4 - Cross-Site Request Forgery
Quick.Cart 3.4 Quick.CMS 2.4 - Cross-Site Request Forgery Systems Affected: Quick.Cart 3.4 other versions untested, Quick.CMS 2.4 other versions untested Severity: Medium Vendor: http://opensolution.org/ Author: Alice Kaerast 0. Timeline 25-10-2009 Vulnerability discovered 26-10-2009 Vendor...
Quick.Cart 3.4 and Quick.CMS 2.4 CSRF Vulnerabilities
No description provided by source. Systems Affected: Quick.Cart 3.4 other versions untested, Quick.CMS 2.4 other versions untested Severity: Medium Vendor: http://opensolution.org/ Author: Alice Kaerast 0. Timeline 25-10-2009 Vulnerability discovered 26-10-2009 Vendor contacted 23-11-2009 No...
Quick.Cart 3.4 and Quick.CMS 2.4 CSRF Vulnerabilities
Exploit for unknown platform in category web applications ===================================================== Quick.Cart 3.4 and Quick.CMS 2.4 CSRF Vulnerabilities ===================================================== Systems Affected: Quick.Cart 3.4 other versions untested, Quick.CMS 2.4 other...
Quick.CMS.Lite 0.5 - id SQL Injection
Quick.CMS.Lite 0.5 - id SQL Injection +-------------------------------------+ + Homepage: http://opensolution.org/ + Product: Quick.CMS Lite 0.5 + File: index.php + Parameter: id + Dork: "Powered by Quick.Cms" +-------------------------------------+ + SQL Injection: +...
Quick.CMS Lite 0.5 SQL Injection
+-------------------------------------+ + Homepage: http://opensolution.org/ + Product: Quick.CMS Lite 0.5 + File: index.php + Parameter: id + Dork: "Powered by Quick.Cms" +-------------------------------------+ + SQL Injection: + http://www.sennik.sos.pl/index.php?t=ph&id=null'+union+select+ +...
Quick.Cms.Lite 0.5 (id) Remote SQL Injection Vulnerability
No description provided by source. +-------------------------------------+ + Homepage: http://opensolution.org/ + Product: Quick.CMS Lite 0.5 + File: index.php + Parameter: id + Dork: "Powered by Quick.Cms" +-------------------------------------+ + SQL Injection: +...
Quick.Cms.Lite 0.5 (id) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ========================================================== Quick.Cms.Lite 0.5 id Remote SQL Injection Vulnerability ========================================================== +-------------------------------------+ + Homepage:...
Quick.CMS.Lite 0.5 - 'id' SQL Injection
+-------------------------------------+ + Homepage: http://opensolution.org/ + Product: Quick.CMS Lite 0.5 + File: index.php + Parameter: id + Dork: "Powered by Quick.Cms" +-------------------------------------+ + SQL Injection: + http://www.sennik.sos.pl/index.php?t=ph&id=null'+union+select+ +...
Quick.Cms.Lite <= 0.3 (Cookie sLanguage) Local File Include Exploit
Exploit for unknown platform in category web applications =================================================================== Quick.Cms.Lite = 0.3 Cookie sLanguage Local File Include Exploit =================================================================== ? print ' ::::::::: :::::::::: ::: :::...