Lucene search
K

6 matches found

CVE
CVE
added 2026/01/27 4:32 p.m.18 views

CVE-2026-1481

CVE-2026-1481 describes an out-of-band SQL injection affecting the Performance Evaluation (EDD) application from Gabinete Técnico de Programación. The vulnerability targets the Id_usuario parameter in /evaluacion_objetivos_anyo_sig_ver_auto.aspx, enabling an attacker to exfiltrate sensitive data ...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/01/27 4:30 p.m.16 views

CVE-2026-1477

CVE-2026-1477 affects the Performance Evaluation (EDD) application by Gabinete Técnico de Programación. Affected component: API endpoints handling the parameters in the old evaluation page (/evaluacion_competencias_evalua_old.aspx), specifically Id_usuario and Id_evaluacion. Root cause: out-of-ba...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/27 4:29 p.m.4 views

CVE-2026-1476

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' in ‘/evaluacionaccionesverauto.aspx’, could allow an attacker to extract...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/27 4:28 p.m.3 views

CVE-2026-1475 Out-of-band SQL injection in Quatuor Performance Evaluation

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter ‘Idusuario' in ‘/evaluacionaccionesevalua.aspx’, could allow an attacker to extract...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/27 4:27 p.m.27 views

CVE-2026-1473 Out-of-band SQL injection in Quatuor Performance Evaluation

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario’ in '/evaluacioncompetenciasevalua.aspx', could allow an attacker to extract...

9.3CVSS0.00321EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.7 views

Quatuor Evaluation of Performance SQL Injection Vulnerability

Quatuor Evaluación de Desempeño is a performance evaluation system developed by the Spanish company Quatuor. Quatuor Evaluación de Desempeño has a SQL injection vulnerability. This vulnerability stems from an external SQL injection in the parameter Idusuario within the...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References1
Rows per page
Query Builder