CVE-2025-9982 in QuickCMSinfo

Zusammenfassung

von MITRE • 14.11.2025

A vulnerability exists in QuickCMS version 6.8 where sensitive admin credentials are hardcoded in a configuration file and stored in plaintext. This flaw allows attackers with access to the source code or the server file system to retrieve authentication details, potentially leading to privilege escalation.

The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

CERT-PL

Reservieren

04.09.2025

Veröffentlichung

14.11.2025

Moderieren

akzeptiert

Eintrag

VDB-332488

CPE

bereit

CWE

CWE-256 (bestätigt)

CVSS

7.5 (NVD)

EPSS

0.00042

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-9982
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-9982
CVE Details	https://www.cvedetails.com/cve/CVE-2025-9982/

◂ Zurück Übersicht Weiter ▸

Do you need the next level of professionalism?

Upgrade your account now!