Jacopo Candido Augelli

1 exploit Active since Nov 2025
CVE-2025-60574 NOMISEC HIGH WORKING POC
tQuadra CMS 4.2.1117 - Local File Inclusion via Styles Path
A Local File Inclusion (LFI) vulnerability has been identified in tQuadra CMS 4.2.1117. The issue exists in the "/styles/" path, which fails to properly sanitize user-supplied input. An attacker can exploit this by sending a crafted GET request to retrieve arbitrary files from the underlying system.
CVSS 7.5