14 matches found
CVE-2025-15236
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticated remote attackers to read folder names under the specified path by exploiting an Absolute Path Traversal vulnerability...
CVE-2025-15240
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2025-15239
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-15238
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-15237
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticated remote attackers to read folder names under the specified path by exploiting an Absolute Path Traversal vulnerability...
CVE-2025-15237 Quanta Computer|QOCA aim AI Medical Cloud Platform - Path Traversal
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticated remote attackers to read folder names under the specified path by exploiting an Absolute Path Traversal vulnerability...
CVE-2025-15237 Quanta Computer|QOCA aim AI Medical Cloud Platform - Path Traversal
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticated remote attackers to read folder names under the specified path by exploiting an Absolute Path Traversal vulnerability...
CVE-2025-15236
QOCA aim AI Medical Cloud Platform (Quanta Computer) is affected by an Absolute Path Traversal vulnerability that allows authenticated remote attackers to read folder names under a specified path. Public sources across multiple feeds (NVD, Red Hat, CVE listing, CNNVD, CIRCL, EUVD, PT Security) de...
PT-2026-1221
Name of the Vulnerable Software and Affected Versions QOCA aim AI Medical Cloud Platform affected versions not specified Description A Missing Authorization issue exists in QOCA aim AI Medical Cloud Platform. Authenticated remote attackers can modify network packet parameters, potentially allowin...
CVE-2024-13040
CVE-2024-13040 details (Quanta Computer QOCA aim): A vulnerability titled “Authorization Bypass Through User-Controlled Key” arises from allowing manipulation of the user ID parameter. Remote attackers with regular privileges could access features as any user, modify any user’s account informatio...
CVE-2024-13040 Quanta Computer QOCA aim - Authorization Bypass
The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key vulnerability. By controlling the user ID parameter, remote attackers with regular privileges could access certain features as any user, modify any user's account information and privileges, leading to...
CVE-2024-13040 Quanta Computer QOCA aim - Authorization Bypass
The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key vulnerability. By controlling the user ID parameter, remote attackers with regular privileges could access certain features as any user, modify any user's account information and privileges, leading to...
PT-2024-17898 · Quanta Computer · Qoca Aim
Name of the Vulnerable Software and Affected Versions: Quanta Computer's QOCA aim affected versions not specified Description: The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key issue. By controlling the user ID parameter, remote attackers with regular...
Quanta Computer QOCA aim 安全漏洞
Quanta Computer QOCA aim is an AI-assisted medical imaging and automated reasoning platform from Quanta Computer China. A security vulnerability exists in Quanta Computer QOCA aim that stems from an authorization bypass user control key vulnerability that allows a remote attacker with regular...