CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

119 matches found

Vulnrichment•added 2025/11/14 1:22 p.m.•2 views

CVE-2025-9982 Hard-coded admin credentials in Quick.CMS

A vulnerability exists in QuickCMS version 6.8 where sensitive admin credentials are hardcoded in a configuration file and stored in plaintext. This flaw allows attackers with access to the source code or the server file system to retrieve authentication details, potentially leading to privilege...

6.9CVSS6.8AI score0.00241EPSS

Exploits0References2

Cvelist•added 2025/11/14 1:22 p.m.•7 views

CVE-2025-9982 Hard-coded admin credentials in Quick.CMS

6.9CVSS0.00241EPSS

Exploits0References2

Positive Technologies•added 2025/11/14 12:0 a.m.•4 views

PT-2025-46952

Name of the Vulnerable Software and Affected Versions QuickCMS version 6.8 QuickCMS affected versions not specified Description QuickCMS is susceptible to multiple Stored Cross-Site Scripting XSS issues within the language editor functionality, specifically in the 'languages' section. An attacker...

6.9CVSS5.7AI score0.00241EPSS

Exploits0References6

Positive Technologies•added 2025/11/14 12:0 a.m.•2 views

PT-2025-46953

Name of the Vulnerable Software and Affected Versions QuickCMS version 6.8 Description A flaw exists where sensitive admin credentials are hardcoded in a configuration file and stored in plaintext. This allows attackers with access to the source code or the server file system to retrieve...

6.9CVSS6.6AI score0.00241EPSS

Exploits0References8

CNNVD•added 2025/11/14 12:0 a.m.•4 views

QuickCMS 安全漏洞

QuickCMS is a content management system from QuickCMS Open Source. A security vulnerability exists in QuickCMS version 6.8, which stems from sensitive administrator credentials being hardcoded in a configuration file and stored in plaintext, which could lead to elevated privileges...

7.5CVSS6.3AI score0.00241EPSS

Exploits0References2

CNNVD•added 2025/11/14 12:0 a.m.•2 views

QuickCMS 跨站脚本漏洞

QuickCMS is an open source content management system from QuickCMS. A cross-site scripting vulnerability exists in QuickCMS version 6.8, which stems from a stored cross-site script in the Language Editor feature that could lead to arbitrary HTML and JS injection...

7.5CVSS5.7AI score0.00241EPSS

Exploits0References2

RedhatCVE•added 2025/10/24 10:34 a.m.•9 views

CVE-2025-9980

QuickCMS is vulnerable to multiple Stored XSS in page editor functionality pages-form. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. By default admin user is not able to add JavaScript into the...

4.8CVSS6.4AI score0.00176EPSS

Exploits0References1

OSV•added 2025/10/23 10:15 a.m.•4 views

CVE-2025-9980

4.8CVSS5.8AI score0.00176EPSS

Exploits0References2

OSV•added 2025/10/23 10:15 a.m.•6 views

CVE-2025-9981

QuickCMS is vulnerable to multiple Stored XSS in slider editor functionality sliders-form. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed on every page. By default admin user is not able to add JavaScript into the website. T...

4.8CVSS5.8AI score0.00176EPSS

Exploits0References2

NVD•added 2025/10/23 10:15 a.m.•7 views

CVE-2025-9980

4.8CVSS0.00176EPSS

Exploits0References2

CVE•added 2025/10/23 9:37 a.m.•10 views

CVE-2025-9981

CVE-2025-9981 refers to QuickCMS with Stored XSS in the slider editor (sliders-form). The Red Hat and NVD/CIRCL entries confirm this vulnerability affects QuickCMS 6.8 as tested; other versions are not verified and may also be affected. By design, an admin can inject arbitrary HTML/JS, which is r...

4.8CVSS6AI score0.00176EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2025/10/23 9:37 a.m.•3 views

CVE-2025-9981 Multiple Stored XSS in QuickCMS

4.8CVSS5.9AI score0.00176EPSS

Exploits0References2

Cvelist•added 2025/10/23 9:37 a.m.•9 views

CVE-2025-9981 Multiple Stored XSS in QuickCMS

4.8CVSS0.00176EPSS

Exploits0References2

EUVD•added 2025/10/23 9:37 a.m.•5 views

EUVD-2025-35661

4.8CVSS5.9AI score0.00176EPSS

Exploits0References3

EUVD•added 2025/10/23 9:37 a.m.•4 views

EUVD-2025-35662

4.8CVSS5.9AI score0.00176EPSS

Exploits0References3

CVE•added 2025/10/23 9:37 a.m.•12 views

CVE-2025-9980

CVE-2025-9980 describes a Stored XSS vulnerability in QuickCMS, specifically in the page editor (pages-form). The issue allows a malicious actor with admin privileges to inject arbitrary HTML/JavaScript that is rendered/executed when visiting the edited page. The public material notes that only v...

4.8CVSS6AI score0.00176EPSS

Exploits0References2Affected Software1

Cvelist•added 2025/10/23 9:37 a.m.•7 views

CVE-2025-9980 Multiple Stored XSS in QuickCMS

4.8CVSS0.00176EPSS

Exploits0References2

Vulnrichment•added 2025/10/23 9:37 a.m.•4 views

CVE-2025-9980 Multiple Stored XSS in QuickCMS

4.8CVSS6AI score0.00176EPSS

Exploits0References2

CNNVD•added 2025/10/23 12:0 a.m.•4 views

Open Solution QuickCMS 跨站脚本漏洞

Open Solution QuickCMS is an Open Solution open source content management system. A cross-site scripting vulnerability exists in Open Solution QuickCMS version 6.8, which stems from multiple stored cross-site scripting vulnerabilities in the slider editor feature, which could lead to the injectio...

4.8CVSS6.3AI score0.00176EPSS

Exploits0References2

CNNVD•added 2025/10/23 12:0 a.m.•4 views

Open Solution QuickCMS 跨站脚本漏洞

Open Solution QuickCMS is an Open Solution open source content management system. A cross-site scripting vulnerability exists in Open Solution QuickCMS version 6.8, which stems from the presence of multiple stored cross-site scripts in the page editor functionality, which could lead to the...

4.8CVSS6.2AI score0.00176EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by