CVE-2008-6676
QuickerSite 1.8.5 - Information Disclosure via showThumb.aspx
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2008-6676.
AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in QuickerSite CMS 1.8.5, including insecure direct object references, XSS, and mailbombing. It provides functional HTML forms and URLs to exploit these flaws without requiring authentication.
Description
QuickerSite 1.8.5 allows remote attackers to obtain sensitive information via a request to showThumb.aspx without any parameters, which reveals the installation path in an error message.
Exploits (1)
The exploit demonstrates multiple vulnerabilities in QuickerSite CMS 1.8.5, including insecure direct object references, XSS, and mailbombing. It provides functional HTML forms and URLs to exploit these flaws without requiring authentication.