Vulnerabilities

CVE-2025-9982 - Hard-coded admin credentials in Quick.CMS

2025-11-14 0 views admin

CVE ID : CVE-2025-9982 Published : Nov. 14, 2025, 1:22 p.m. | 58 minutes ago Description : A vulnerability exists in QuickCMS version 6.8 where sensitive admin credentials are hardcoded in a configuration file and stored in plaintext. This flaw allows attackers with access to the source code or the server file system to retrieve authentication details, potentially leading to privilege escalation. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-9982

Severity

MEDIUM

Published

Nov. 14, 2025

Impact: privilege escalation

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-9982medium

CVE-2025-9982 - Hard-coded admin credentials in Quick.CMS

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2025-15219 - SohuTV CacheCloud MachineManageController.java doPodList cross site scripting

CVE-2025-15220 - SohuTV CacheCloud LoginController.java init cross site scripting

CVE-2025-15221 - SohuTV CacheCloud AppDataMigrateController.java index cross site scripting

CVE-2025-15222 - Dromara Sa-Token SaSerializerTemplateForJdkUseBase64.java ObjectInputStream.read...

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting