Cross-Site Scripting Vulnerability in Open Solution's Quick.Cms and Quick.Cart Products
CVE-2012-6430

Currently unrated

Key Information:

Vendor

Opensolution

Status
Quick Cart
Quick Cms
Vendor
CVE Published:
24 March 2014

What is CVE-2012-6430?

An XSS vulnerability exists in Open Solution's Quick.Cms 5.0 and Quick.Cart 6.0 products, potentially affecting versions downloaded before December 19, 2012. This flaw allows remote attackers to inject arbitrary scripts or HTML code via the PATH_INFO parameter in admin.php, which can lead to unauthorized access or manipulation of the web application's content. The issue may overlap with another known vulnerability, emphasizing the importance of securing web applications from such threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://osvdb.org/89120
vdb-entryx_refsource_OSVDB
http://osvdb.org/89119
vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/51813
third-party-advisoryx_refsource_SECUNIA

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.