RSS   Vulnerabilities for 'Quickapps cms'   RSS

2018-09-16
 
CVE-2018-17102

CWE-352
 

 
An issue was discovered in QuickAppsCMS (aka QACMS) through 2.0.0-beta2. A CSRF vulnerability can change the administrator password via the user/me URI.

 
2018-03-28
 
CVE-2018-9108

CWE-352
 

 
CSRF in /admin/user/manage/add in QuickAppsCMS 2.0.0-beta2 allows an unauthorized remote attacker to create an account with admin privileges.

 
2018-01-03
 
CVE-2017-1000495

CWE-79
 

 
QuickApps CMS version 2.0.0 is vulnerable to Stored Cross-site Scripting in the user's real name field resulting in denial of service and performing unauthorised actions with an administrator user's account

 


Copyright 2024, cxsecurity.com

 

Back to Top