SQL Injection in Opensolution Quick.cms
CVE-2024-58308
Quick.CMS 6.7 contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login authentication by manipulating the login form. Attackers can inject specific SQL payloads like ' or '1'='1 to gain unauthorized admi…
Vulnerability class: SQL Injection
EPSS: 0.002 (47.5th percentile) — read the EPSS interpretation.
Affected products
- Opensolution Quick.cms — versions 6.7
Weakness classification (CWE)
References
- ExploitDB-51910 (exploit)
- Official Product Homepage (product)
- Software Link (product)
- VulnCheck Advisory: Quick.CMS 6.7 SQL Injection Authentication Bypass via Admin Login (third-party-advisory)