cbcvebase.

Opensolution Quick.Cms.Lite vulnerabilities

4 known vulnerabilities affecting opensolution/quick.cms.lite.

Total CVEs
4
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2LOW1

Vulnerabilities

Page 1 of 1
CVE-2009-1410P3HIGHCVSS 7.5PoCv0.52009-04-24
CVE-2009-1410 [HIGH] CWE-89 CVE-2009-1410: SQL injection vulnerability in index.php in Quick.Cms.Lite 0.5 allows remote attackers to execute ar SQL injection vulnerability in index.php in Quick.Cms.Lite 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
nvd
CVE-2006-5834P4MEDIUMCVSS 5.0PoCv0.32006-11-10
CVE-2006-5834 [MEDIUM] CVE-2006-5834: Directory traversal vulnerability in general.php in OpenSolution Quick.Cms.Lite 0.3 allows remote at Directory traversal vulnerability in general.php in OpenSolution Quick.Cms.Lite 0.3 allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the sLanguage Cookie parameter.
nvd
CVE-2008-4139P4LOWCVSS 2.6PoCv2.12008-09-24
CVE-2008-4139 [LOW] CWE-79 CVE-2008-4139: Cross-site scripting (XSS) vulnerability in admin.php in OpenSolution Quick.Cms.Lite 2.1 allows remo Cross-site scripting (XSS) vulnerability in admin.php in OpenSolution Quick.Cms.Lite 2.1 allows remote attackers to inject arbitrary web script or HTML via the query string.
nvd
CVE-2009-4121P4MEDIUMCVSS 6.8v2.42009-12-01
CVE-2009-4121 [MEDIUM] CWE-352 CVE-2009-4121: Multiple cross-site request forgery (CSRF) vulnerabilities in Quick.CMS 2.4 and Quick.CMS.Lite 2.4 a Multiple cross-site request forgery (CSRF) vulnerabilities in Quick.CMS 2.4 and Quick.CMS.Lite 2.4 allow remote attackers to hijack the authentication of the administrator for requests that (1) delete web pages via a p-delete action to admin.php, and possibly (2) delete products or (3) delete orders via unspecified vectors. NOTE: some of these details
nvd
Opensolution Quick.Cms.Lite vulnerabilities | cvebase