Opensolution

Quick Cms

18 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2025-54541

  • EPSS 0.02%
  • Veröffentlicht 28.08.2025 11:15:32
  • Zuletzt bearbeitet 08.09.2025 16:56:22

QuickCMS is vulnerable to Cross-Site Request Forgery in page deletion functionality. Malicious attacker can craft special website, which when visited by the admin, will automatically send a POST request deleting an article. The vendor was notified e...

6.1

CVE-2025-54540

  • EPSS 0.03%
  • Veröffentlicht 28.08.2025 11:15:30
  • Zuletzt bearbeitet 08.09.2025 17:06:51

QuickCMS is vulnerable to Reflected XSS via sSort parameter in admin's panel functionality. A malicious attacker can craft a specially crafted URL that, when opened, results in arbitrary JavaScript execution in the victim's browser. The vendor was n...

5.4

CVE-2023-43346

Exploit
  • EPSS 0.48%
  • Veröffentlicht 20.10.2023 23:15:08
  • Zuletzt bearbeitet 21.11.2024 08:24:02

Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Backend - Dashboard parameter in the Languages Menu component.

8.6

CVE-2023-43345

Exploit
  • EPSS 0.14%
  • Veröffentlicht 19.10.2023 23:15:08
  • Zuletzt bearbeitet 21.11.2024 08:24:01

Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component.

5.4

CVE-2023-43344

Exploit
  • EPSS 0.39%
  • Veröffentlicht 19.10.2023 22:15:09
  • Zuletzt bearbeitet 21.11.2024 08:24:01

Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component.

5.4

CVE-2023-43342

Exploit
  • EPSS 0.22%
  • Veröffentlicht 19.10.2023 22:15:09
  • Zuletzt bearbeitet 21.11.2024 08:24:01

Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Languages Menu component.

5.4

CVE-2023-43343

Exploit
  • EPSS 0.49%
  • Veröffentlicht 05.10.2023 22:15:12
  • Zuletzt bearbeitet 21.11.2024 08:24:01

Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu component.

4.3

CVE-2012-6430

Exploit
  • EPSS 10.93%
  • Veröffentlicht 24.03.2014 16:43:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in Open Solution Quick.Cms 5.0 and Quick.Cart 6.0, possibly as downloaded before December 19, 2012, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin.php. NOTE: this mi...