← Back

Quickapps Cms

quickapps_cms

Vendor: Quickappscms • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-17102
1Quickappscms
1Quickapps Cms
Nov 21, 2024
Sep 16, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
An issue was discovered in QuickAppsCMS (aka QACMS) through 2.0.0-beta2. A CSRF vulnerability can change the administrator password via the user/me URI.
CVE-2018-9108
1Quickappscms
1Quickapps Cms
Jun 17, 2026
Mar 28, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
CSRF in /admin/user/manage/add in QuickAppsCMS 2.0.0-beta2 allows an unauthorized remote attacker to create an account with admin privileges.
CVE-2017-1000495
1Quickappscms
1Quickapps Cms
Nov 21, 2024
Jan 3, 2018
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
QuickApps CMS version 2.0.0 is vulnerable to Stored Cross-site Scripting in the user's real name field resulting in denial of service and performing unauthorised actions with an administrator user's account