CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-6430

Cross-site scripting (XSS) vulnerability in Open Solution Quick.Cms 5.0 and Quick.Cart 6.0, possibly as downloaded before December 19, 2012, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin.php. NOTE: this might be a duplicate of CVE-2008-4140.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.148

EPSS Ranking 94.2%

CVSS Severity

CVSS v2 Score 4.3

References

http://archives.neohapsis.com/archives/bugtraq/2013-01/0035.html
http://osvdb.org/89119
http://osvdb.org/89120
http://packetstormsecurity.com/files/119422/Quick.Cms-5.0-Quick.Cart-6.0-Cross-Site-Scripting.html
http://secunia.com/advisories/51769
http://secunia.com/advisories/51813
https://exchange.xforce.ibmcloud.com/vulnerabilities/81169
https://www.htbridge.com/advisory/HTB23135
http://archives.neohapsis.com/archives/bugtraq/2013-01/0035.html
http://osvdb.org/89119
http://osvdb.org/89120
http://packetstormsecurity.com/files/119422/Quick.Cms-5.0-Quick.Cart-6.0-Cross-Site-Scripting.html
http://secunia.com/advisories/51769
http://secunia.com/advisories/51813
https://exchange.xforce.ibmcloud.com/vulnerabilities/81169
https://www.htbridge.com/advisory/HTB23135

Products affected by CVE-2012-6430

Opensolution » Quick Cart » Version: 6.0

cpe:2.3:a:opensolution:quick_cart:6.0
Opensolution » Quick Cms » Version: 5.0

cpe:2.3:a:opensolution:quick_cms:5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-6430

Products

Pricing

Contact Us