Lucene search
K

21 matches found

RedhatCVE
RedhatCVE
added 2026/01/28 9:17 p.m.5 views

CVE-2026-1483

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' in '/evaluacionobjetivosverauto.aspx', could allow an attacker to extract...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References1
NVD
NVD
added 2026/01/27 5:16 p.m.9 views

CVE-2026-1481

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' in '/evaluacionobjetivosanyosigverauto.aspx', could allow an attacker to...

9.3CVSS0.00327EPSS
Exploits0References1
NVD
NVD
added 2026/01/27 5:16 p.m.18 views

CVE-2026-1473

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario’ in '/evaluacioncompetenciasevalua.aspx', could allow an attacker to extract...

9.3CVSS0.00321EPSS
Exploits0References1
CVE
CVE
added 2026/01/27 4:32 p.m.16 views

CVE-2026-1481

CVE-2026-1481 describes an out-of-band SQL injection affecting the Performance Evaluation (EDD) application from Gabinete Técnico de Programación. The vulnerability targets the Id_usuario parameter in /evaluacion_objetivos_anyo_sig_ver_auto.aspx, enabling an attacker to exfiltrate sensitive data ...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/01/27 4:31 p.m.15 views

CVE-2026-1480

The CVE-2026-1480 entry documents an out-of-band SQL injection in the Performance Evaluation (EDD) application by Gabinete Técnico de Programación. The vulnerability affects the Id_usuario parameter in the /evaluacion_objetivos_anyo_sig_evalua.aspx endpoint, enabling an attacker to exfiltrate sen...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/01/27 4:31 p.m.25 views

CVE-2026-1479

The CVE-2026-1479 entry describes an out-of-band SQL injection in the Performance Evaluation (EDD) application from Gabinete Técnico de Programación. The vulnerability affects the /evaluacion_hca_ver_auto.asp endpoint, where attacker-controlled values in the Id_usuario and Id_evaluacion parameter...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/01/27 4:30 p.m.7 views

EUVD-2026-4776

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' and 'Idevaluacion’ in ‘/evaluacionhcaevalua.aspx’, could allow an attacker ...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/27 4:30 p.m.4 views

CVE-2026-1477 Out-of-band SQL injection in Quatuor Performance Evaluation

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' and 'Idevaluacion’ in ‘/evaluacioncompetenciasevaluaold.aspx’, could allow ...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References1
CVE
CVE
added 2026/01/27 4:30 p.m.16 views

CVE-2026-1477

CVE-2026-1477 affects the Performance Evaluation (EDD) application by Gabinete Técnico de Programación. Affected component: API endpoints handling the parameters in the old evaluation page (/evaluacion_competencias_evalua_old.aspx), specifically Id_usuario and Id_evaluacion. Root cause: out-of-ba...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/01/27 4:29 p.m.7 views

EUVD-2026-4748

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' in ‘/evaluacionaccionesverauto.aspx’, could allow an attacker to extract...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/27 4:29 p.m.4 views

CVE-2026-1476

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' in ‘/evaluacionaccionesverauto.aspx’, could allow an attacker to extract...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/27 4:28 p.m.3 views

CVE-2026-1475 Out-of-band SQL injection in Quatuor Performance Evaluation

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter ‘Idusuario' in ‘/evaluacionaccionesevalua.aspx’, could allow an attacker to extract...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/27 4:27 p.m.5 views

EUVD-2026-4746

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' and 'Idevaluacion' en ‘/evaluacioninicio.aspx’, could allow an attacker to...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/27 4:27 p.m.27 views

CVE-2026-1473 Out-of-band SQL injection in Quatuor Performance Evaluation

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario’ in '/evaluacioncompetenciasevalua.aspx', could allow an attacker to extract...

9.3CVSS0.00321EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/27 4:27 p.m.4 views

CVE-2026-1473 Out-of-band SQL injection in Quatuor Performance Evaluation

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario’ in '/evaluacioncompetenciasevalua.aspx', could allow an attacker to extract...

9.3CVSS5.8AI score0.00321EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.6 views

Quatuor Evaluation of Performance SQL Injection Vulnerability

Quatuor Evaluación de Desempeño is a performance evaluation system developed by the Spanish company Quatuor. Quatuor Evaluación de Desempeño has a SQL injection vulnerability. This vulnerability stems from an external SQL injection in the parameter Idusuario within the...

9.3CVSS5.8AI score0.00321EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.7 views

PT-2026-4978

Name of the Vulnerable Software and Affected Versions Performance Evaluation EDD application versions affected versions not specified Description An out-of-band SQL injection flaw exists in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploitation of...

9.3CVSS5.9AI score0.00327EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.7 views

Quatuor Evaluation of Performance SQL Injection Vulnerability

Quatuor Evaluación de Desempeño is a performance evaluation system developed by the Spanish company Quatuor. Quatuor Evaluación de Desempeño has a SQL injection vulnerability. This vulnerability stems from an external SQL injection in the parameter Idusuario within the...

9.3CVSS5.8AI score0.00327EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.7 views

PT-2026-4974

Name of the Vulnerable Software and Affected Versions Performance Evaluation EDD application affected versions not specified Description An out-of-band SQL injection flaw exists in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploitation of this flaw...

9.3CVSS5.9AI score0.00327EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/07 12:49 p.m.11 views

CVE-2025-41114

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'iddenuncia' and 'iduser' in '/backend/api/buscarDocumentosByIdDenunciaUsuario.php'...

8.7CVSS6.7AI score0.0027EPSS
Exploits0References1
Rows per page
Query Builder