Approved changes feed: RSS · Atom

cpe:2.3:a:opensolution:quick_cms:6.7:*:*:*:*:*:*:*

part: a version: 6.7 update: *

VendorOpensolution (452db4e2-8665-579c-b90a-ad133fe1ce7e)
ProductQuick Cms (a6e0301f-8953-520a-8b6f-5eb5496f0e64)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-58308 vulnerable 2026-06-08 06:56:14.411526 Quick.CMS 6.7 SQL Injection Authentication Bypass via Admin Login
Quick.CMS 6.7 contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login authentication by manipulating the login form. Attackers can inject specific SQL payloads like ' or '1'='1 to gain unauthorized administrative access to the system.
Published: 2025-12-11T21:42:09.518Z
Updated: 2026-04-07T14:08:51.500Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-43346 vulnerable 2026-06-08 06:11:11.150351 Details available
Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Backend - Dashboard parameter in the Languages Menu component.
Published: 2023-10-20T00:00:00.000Z
Updated: 2024-09-12T14:59:50.799Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-43345 vulnerable 2026-06-08 06:11:11.150036 Details available
Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component.
Published: 2023-10-19T00:00:00.000Z
Updated: 2024-09-12T19:54:18.731Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-43344 vulnerable 2026-06-08 06:11:11.149728 Details available
Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component.
Published: 2023-10-19T00:00:00.000Z
Updated: 2024-09-12T19:59:56.685Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-43343 vulnerable 2026-06-08 06:11:11.149231 Details available
Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu component.
Published: 2023-10-05T00:00:00.000Z
Updated: 2024-09-12T20:00:05.384Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-43342 vulnerable 2026-06-08 06:11:11.148732 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.