Quickersite : Security Vulnerabilities, CVEs, CVSS score >= 5

CVE-2008-6678

SQL injection vulnerability in asp/includes/contact.asp in QuickerSite 1.8.5 allows remote attackers to execute arbitrary SQL commands via the sNickName parameter in a profile action to default.asp.
Max CVSS
7.5
EPSS Score
0.68%
Published
2009-04-08
Updated
2017-08-17

CVE-2008-6677

Unrestricted file upload vulnerability in fckeditor251/editor/filemanager/connectors/asp/upload.asp in QuickerSite 1.8.5 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file.
Max CVSS
7.5
EPSS Score
1.45%
Published
2009-04-08
Updated
2009-04-23

CVE-2008-6676

QuickerSite 1.8.5 allows remote attackers to obtain sensitive information via a request to showThumb.aspx without any parameters, which reveals the installation path in an error message.
Max CVSS
5.0
EPSS Score
0.45%
Published
2009-04-08
Updated
2017-08-17

CVE-2008-6674

mailPage.asp in QuickerSite 1.8.5 allows remote attackers to flood e-mail accounts with messages via a large number of requests with a modified sEmail parameter.
Max CVSS
5.0
EPSS Score
0.58%
Published
2009-04-08
Updated
2009-04-23

CVE-2008-6673

asp/bs_login.asp in QuickerSite 1.8.5 does not properly restrict access to administrative functionality, which allows remote attackers to (1) change the admin password via the cSaveAdminPW action; (2) modify site information, such as the contact address, via the saveAdmin; and (3) modify the site design via the saveDesign action.
Max CVSS
7.5
EPSS Score
0.62%
Published
2009-04-08
Updated
2009-04-23
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close