7 matches found
CVE-2023-43343
OpenSolution Quick CMS v6.7 is affected by an XSS vulnerability in the Pages Menu component through the Files - Description parameter, enabling a local attacker to execute arbitrary code via a crafted script. Public details indicate no confirmed fix or patched version; some sources suggest restrict...
CVE-2012-6430
The CVE-2012-6430 entry describes a Cross-Site Scripting (XSS) vulnerability in OpenSolution Quick.Cms 5.0 and Quick.Cart 6.0 (and possibly earlier) where unsafely processed data in PATH_INFO to admin.php allows remote attackers to execute arbitrary scripts. The issue originates from insufficient...
CVE-2023-43345
OpenSolution Quick CMS 6.7 is affected by a stored XSS in the Pages Menu component, triggered by crafting the Content - Name parameter. The vulnerability allows a local attacker to execute arbitrary code via the injected script, with impact on confidentiality, integrity, and availability as per t...
CVE-2023-43346
The CVE-2023-43346 issue affects OpenSolution Quick CMS v6.7. A cross-site scripting (XSS) flaw in the Languages Menu component allows a local attacker to execute arbitrary code through a crafted script sent to the Backend - Dashboard parameter. Documents consistently describe this as a local XSS...
CVE-2023-43342
CVE-2023-43342 affects OpenSolution Quick CMS v6.7. The vulnerability is a Cross-site Scripting (XSS) flaw in the Languages Menu component that can allow a local attacker to execute arbitrary code via a crafted script. Documented impact per CVSS: Network attack vector, low privilege required, use...
CVE-2023-43344
CVE-2023-43344 concerns OpenSolution Quick CMS v6.7. The vulnerability is a Cross-Site Scripting (XSS) flaw in the SEO - Meta description field of the Pages Menu component, allowing a local attacker to execute arbitrary script via a crafted payload. Root cause reported across sources is insuffici...
CVE-2024-58308
Quick.CMS 6.7 contains a SQL injection in the login form that lets unauthenticated attackers bypass login and gain unauthorized administrative access. Root cause: injection in the username parameter of the login query. Impact: high risk of full admin compromise. Remediation: sanitize input in the...