Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-17102 | 1 Quickappscms | 1 Quickapps Cms | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in QuickAppsCMS (aka QACMS) through 2.0.0-beta2. A CSRF vulnerability can change the administrator password via the user/me URI. | |||||
CVE-2018-9108 | 1 Quickappscms | 1 Quickapps Cms | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
CSRF in /admin/user/manage/add in QuickAppsCMS 2.0.0-beta2 allows an unauthorized remote attacker to create an account with admin privileges. | |||||
CVE-2017-1000495 | 1 Quickappscms | 1 Quickapps Cms | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
QuickApps CMS version 2.0.0 is vulnerable to Stored Cross-site Scripting in the user's real name field resulting in denial of service and performing unauthorised actions with an administrator user's account |