216.73.217.80

CVE-2024-58308

· Published 11/12/2025 22:15 · Modified 12/12/2025 15:17

Labels: CVE-2024-58308 2025-12-11CVE-2024-58308[email protected]

Essential information

Published
11/12/2025 22:15
Modified
12/12/2025 15:17
Author
Creator
CVSS
9.3 CRITICAL (v3) 9.3 CRITICAL (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Quick.CMS 6.7 contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login authentication by manipulating the login form. Attackers can inject specific SQL payloads like ' or '1'='1 to gain unauthorized administrative access to the system.

NVD status

Status
Undergoing Analysis — CVE is currently being analyzed by NVD staff, this process results in association of reference link tags, CVSS scores, CWE association, and CPE applicability statements.
Source
[email protected]
NVD
View on NVD

References