Unrated severityNVD Advisory· Published Mar 24, 2014· Updated May 6, 2026
CVE-2012-6430
CVE-2012-6430
Description
Cross-site scripting (XSS) vulnerability in Open Solution Quick.Cms 5.0 and Quick.Cart 6.0, possibly as downloaded before December 19, 2012, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin.php. NOTE: this might be a duplicate of CVE-2008-4140.
Affected products
2- cpe:2.3:a:opensolution:quick.cart:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:opensolution:quick_cms:5.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- archives.neohapsis.com/archives/bugtraq/2013-01/0035.htmlnvdExploit
- packetstormsecurity.com/files/119422/Quick.Cms-5.0-Quick.Cart-6.0-Cross-Site-Scripting.htmlnvdExploit
- www.htbridge.com/advisory/HTB23135nvdExploit
- secunia.com/advisories/51769nvdVendor Advisory
- secunia.com/advisories/51813nvdVendor Advisory
- osvdb.org/89119nvd
- osvdb.org/89120nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/81169nvd
News mentions
0No linked articles in our index yet.