Opensolution: >> Quick Cms >> 6.7 Security Vulnerabilities
Quick.CMS 6.7 contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login authentication by manipulating the login form. Attackers can inject specific SQL payloads like ' or '1'='1 to gain unauthorized administrative access to the system.
CVSS Score
9.8
EPSS Score
0.01
Published
2025-12-11
Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Backend - Dashboard parameter in the Languages Menu component.
CVSS Score
5.4
EPSS Score
0.005
Published
2023-10-20
Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component.
CVSS Score
8.6
EPSS Score
0.001
Published
2023-10-19
Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Languages Menu component.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-10-19
Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component.
CVSS Score
5.4
EPSS Score
0.004
Published
2023-10-19
Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu component.
CVSS Score
5.4
EPSS Score
0.005
Published
2023-10-05