CVE-2025-13596

A sensitive information disclosure vulnerability exists in the error handling component of ATISoluciones CIGES Application version 2.15.6 and earlier. When certain unexpected conditions trigger unhandled exceptions, the application returns detailed error messages and stack traces to the client...

CVE-2025-13596 Improper Error Handling Leading to Sensitive Information Disclosure in CIGES ≤ 2.15.6

A sensitive information disclosure vulnerability exists in the error handling component of ATISoluciones CIGES Application version 2.15.6 and earlier. When certain unexpected conditions trigger unhandled exceptions, the application returns detailed error messages and stack traces to the client...

CVE-2025-13596 Improper Error Handling Leading to Sensitive Information Disclosure in CIGES ≤ 2.15.6

A sensitive information disclosure vulnerability exists in the error handling component of ATISoluciones CIGES Application version 2.15.6 and earlier. When certain unexpected conditions trigger unhandled exceptions, the application returns detailed error messages and stack traces to the client...

CVE-2025-13596

The vulnerability CVE-2025-13596 affects ATISoluciones CIGES Application (version 2.15.6 and earlier). The root cause is improper error handling: unhandled exceptions lead to detailed error messages and stack traces being returned to clients, exposing internal filesystem paths, SQL queries, datab...

PT-2025-47890

A sensitive information disclosure vulnerability exists in the error handling component of ATISoluciones CIGES Application version 2.15.6 and earlier. When certain unexpected conditions trigger unhandled exceptions, the application returns detailed error messages and stack traces to the client...

ATISoluciones CIGES 安全漏洞

ATISoluciones CIGES is an appointment queuing management system from ATISoluciones, Spain. A security vulnerability exists in ATISoluciones CIGES version 2.15.6 and earlier, which stems from the return of detailed error messages from the error handling component and could lead to the disclosure o...

EUVD-2024-48985

Malicious code in bioql PyPI...

EUVD-2025-5319

Malicious code in bioql PyPI...

CVE-2025-1751

A SQL Injection vulnerability has been found in Ciges 2.15.5 from ATISoluciones. This vulnerability allows an attacker to retrieve, create, update and delete database via $idServicio parameter in /modules/ajaxBloqueaCita.php endpoint...

CVE-2025-1751

A SQL Injection vulnerability has been found in Ciges 2.15.5 from ATISoluciones. This vulnerability allows an attacker to retrieve, create, update and delete database via $idServicio parameter in /modules/ajaxBloqueaCita.php endpoint...

CVE-2025-1751

CVE-2025-1751 affects Ciges 2.15.5 (ATISoluciones). The vulnerability is a SQL Injection in the /modules/ajaxBloqueaCita.php endpoint via the $idServicio parameter, enabling an attacker to retrieve, create, update, and delete database data. CVSSv3.1 base score 9.8 (N: network vector, low complexi...

CVE-2025-1751 SQL Injection CIGES

A SQL Injection vulnerability has been found in Ciges 2.15.5 from ATISoluciones. This vulnerability allows an attacker to retrieve, create, update and delete database via $idServicio parameter in /modules/ajaxBloqueaCita.php endpoint...

CVE-2025-1751 SQL Injection CIGES

A SQL Injection vulnerability has been found in Ciges 2.15.5 from ATISoluciones. This vulnerability allows an attacker to retrieve, create, update and delete database via $idServicio parameter in /modules/ajaxBloqueaCita.php endpoint...

PT-2025-8934 · Ciges · Ciges

Name of the Vulnerable Software and Affected Versions: Ciges version 2.15.5 Description: A SQL Injection vulnerability has been found in Ciges, allowing an attacker to retrieve, create, update, and delete database entries via the $idServicio parameter in the /modules/ajaxBloqueaCita.php endpoint...

Ciges SQL注入漏洞

Ciges is an application from Ciges Inc. A security vulnerability exists in Ciges version 2.15.5. An attacker exploiting this vulnerability can retrieve, create, update, and delete databases via the $idServicio parameter in the /modules/ajaxBloqueaCita.php endpoint...

CVE-2024-8161

SQL injection vulnerability in ATISolutions CIGES affecting versions lower than 2.15.5. This vulnerability allows a remote attacker to send a specially crafted SQL query to the /modules/ajaxServiciosCentro.php point in the idCentro parameter and retrieve all the information stored in the database...

CVE-2024-8161

CVE-2024-8161 affects ATISolutions CIGES versions before 2.15.5. A SQL injection flaw in the /modules/ajaxServiciosCentro.php endpoint (parameter: idCentro) lets remote attackers retrieve all database information. Impact is high (CVE details show total data exposure possible). Remediation: upgrad...

CIGES 安全漏洞

CIGES is a queue and reservation management system from CIGES, Inc. A security vulnerability exists in CIGES versions prior to 2.15.5, which stems from a vulnerability that allows a remote attacker to send a specially crafted SQL query and retrieve all information stored in the database...

PT-2024-38847 · Atisolutions · Atisolutions Ciges

Name of the Vulnerable Software and Affected Versions: ATISolutions CIGES versions prior to 2.15.5 Description: The issue is a SQL injection vulnerability that allows a remote attacker to send a specially crafted SQL query to the "/modules/ajaxServiciosCentro.php" endpoint in the idCentro paramet...

CVE-2024-2725

Information exposure vulnerability in the CIGESv2 system. A remote attacker might be able to access /vendor/composer/installed.json and retrieve all installed packages used by the application...