CVE-2025-40719

Reflected Cross-site Scripting XSS vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the idconcesion parameter in /FacturaE/VerFacturaPDF...

CVE-2025-40711

SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the idconcesion parameter in /FacturaE/VerFacturaPDF...

Quiter Gateway 跨站脚本漏洞

Quiter Gateway is an API interface from Quiter Spain. A cross-site scripting vulnerability exists in Quiter Gateway versions prior to 4.7.0, which stems from the presence of reflective cross-site scripting in the idconcesion parameter, which could lead to the execution of malicious code...

Quiter Gateway SQL注入漏洞

Quiter Gateway is an API interface from Quiter Spain. A SQL injection vulnerability exists in Quiter Gateway versions prior to 4.7.0, which stems from a SQL injection in the idconcesion parameter, which could lead to database manipulation...

PT-2025-28406 · Unknown · Quiter Gateway

Name of the Vulnerable Software and Affected Versions: Quiter Gateway versions prior to 4.7.0 Description: The issue allows an attacker to retrieve, create, update, and delete databases through the id concesion parameter in the "/FacturaE/VerFacturaPDF" endpoint. Recommendations: For versions pri...