Description
Cross-site scripting (XSS) vulnerability in Open Solution Quick.Cms 5.0 and Quick.Cart 6.0, possibly as downloaded before December 19, 2012, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin.php. NOTE: this might be a duplicate of CVE-2008-4140.
Published: 2014-03-24
Score: 4.3 Medium
EPSS: 3.9% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 16 Mar 2026 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Opensolution quick.cart
CPEs cpe:2.3:a:opensolution:quick_cart:6.0:*:*:*:*:*:*:* cpe:2.3:a:opensolution:quick.cart:6.0:*:*:*:*:*:*:*
Vendors & Products Opensolution quick Cart
Opensolution quick.cart

Subscriptions

Opensolution Quick.cart Quick Cms
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-06T21:28:39.936Z

Reserved: 2012-12-19T00:00:00.000Z

Link: CVE-2012-6430

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-03-24T16:43:01.910

Modified: 2026-06-16T23:48:05.307

Link: CVE-2012-6430

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses
  • CWE-79

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')