Lucene search
+L

68 matches found

Positive Technologies
Positive Technologies
added 2024/10/31 12:0 a.m.5 views

PT-2024-33089 · Qualitor · Qualitor

Name of the Vulnerable Software and Affected Versions: Qualitor version 8.24 Description: The issue is a remote code execution RCE vulnerability. It can be exploited via the gridValoresPopHidden parameter. Recommendations: For Qualitor version 8.24, avoid using the gridValoresPopHidden parameter...

9.8CVSS7.3AI score0.02221EPSS
Exploits2References7
CVE
CVE
added 2024/10/31 12:0 a.m.60 views

CVE-2024-48359

Qualitor v8.24 contains a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter. Affected software is Qualitor (v8.24); underlying root cause is not detailed in the provided documents. Impact is high (CVE-2024-48359, CVSS 3.1: 9.8). Remediation/status: PT-Security notes...

9.8CVSS8.4AI score0.02221EPSS
Exploits2References2Affected Software1
CNNVD
CNNVD
added 2024/10/31 12:0 a.m.6 views

Qualitor 安全漏洞

Qualitor is a managed service process and centralized service platform from Qualitor, Inc. A security vulnerability exists in Qualitor version v8.24, which originates from the component /request/viewValidacao.php and is vulnerable to server-side request forgery attacks...

7.5CVSS6.6AI score0.03905EPSS
Exploits3References4
CNNVD
CNNVD
added 2024/10/31 12:0 a.m.5 views

Qualitor 安全漏洞

Qualitor is a managed service process and centralized service platform from Qualitor, Inc. A security vulnerability exists in Qualitor version v8.24, which stems from the gridValoresPopHidden parameter and is vulnerable to remote code execution attacks...

9.8CVSS8AI score0.02221EPSS
Exploits2References2
Cvelist
Cvelist
added 2024/10/31 12:0 a.m.19 views

CVE-2024-48359

Qualitor v8.24 was discovered to contain a remote code execution RCE vulnerability via the gridValoresPopHidden parameter...

0.02221EPSS
Exploits2References2
Cvelist
Cvelist
added 2024/10/31 12:0 a.m.25 views

CVE-2024-48360

Qualitor v8.24 was discovered to contain a Server-Side Request Forgery SSRF via the component /request/viewValidacao.php...

0.03905EPSS
Exploits3References3
Positive Technologies
Positive Technologies
added 2024/10/31 12:0 a.m.8 views

PT-2024-33091 · Qualitor · Qualitor

Name of the Vulnerable Software and Affected Versions: Qualitor versions 8.24 and below Description: The issue is related to a Server-Side Request Forgery SSRF in the component /request/viewValidacao.php. This allows for an unauthenticated server-side request forgery vulnerability. Recommendation...

7.5CVSS6.3AI score0.03905EPSS
Exploits3References8
Vulnrichment
Vulnrichment
added 2024/10/31 12:0 a.m.13 views

CVE-2024-48359

Qualitor v8.24 was discovered to contain a remote code execution RCE vulnerability via the gridValoresPopHidden parameter...

8.3AI score0.02221EPSS
Exploits2References2
Packet Storm
Packet Storm
added 2024/10/31 12:0 a.m.318 views

Qualitor 8.24 Server-Side Request Forgery

CVE-2024-48360 | Qualitor = v8.24 Unauthenticated SSRF Description Qualitor is a platform for business process management, and this system is present in various companies in Brazil that can be identified simply by using Google dorking. Our team identified a vulnerability in the application...

7.4AI score0.03905EPSS
Exploits3
CVE
CVE
added 2024/10/31 12:0 a.m.75 views

CVE-2024-48360

Qualitor ≤ v8.24 is affected by an unauthenticated Server-Side Request Forgery via /request/viewValidacao.php. The vulnerability (CVE-2024-48360) allows forcing the server to make arbitrary requests, potentially probing internal resources. CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (base 7.5)....

7.5CVSS7.4AI score0.03905EPSS
Exploits3References3Affected Software1
GithubExploit
GithubExploit
added 2024/10/30 2:55 p.m.88 views

Exploit for Server-Side Request Forgery in Qualitor

CVE-2024-48360 | Qualitor = v8.24 Unauthenticated SSRF CVE-20...

7.5CVSS9.6AI score0.03905EPSS
Exploits3
VulnCheck KEV
VulnCheck KEV
added 2024/10/08 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-44849

Qualitor up to 8.24 is vulnerable to Remote Code Execution RCE via Arbitrary File Upload in checkAcesso.php...

9.8CVSS5.8AI score0.46301EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2024/09/19 5:52 p.m.166 views

Exploit for Command Injection in Qualitor

CVE-2023-47253 CVE-2023-47253 | Qualitor = 8.20 RCE De...

9.8CVSS9.9AI score0.14422EPSS
Exploits4
GithubExploit
GithubExploit
added 2024/09/19 2:6 p.m.92 views

Exploit for Command Injection in Qualitor

CVE-2023-47253 | Qualitor povoaVoComArray$REQUEST; if in...

9.8CVSS9.7AI score0.14422EPSS
Exploits4
OSV
OSV
added 2024/09/09 6:15 p.m.4 views

CVE-2024-44849

Qualitor up to 8.24 is vulnerable to Remote Code Execution RCE via Arbitrary File Upload in checkAcesso.php...

9.8CVSS5.8AI score0.46301EPSS
Exploits1References3
NVD
NVD
added 2024/09/09 6:15 p.m.14 views

CVE-2024-44849

Qualitor up to 8.24 is vulnerable to Remote Code Execution RCE via Arbitrary File Upload in checkAcesso.php...

9.8CVSS0.46301EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/09/09 12:0 a.m.4 views

Qualitor 安全漏洞

Qualitor is a managed service process and centralized service platform from Qualitor, Inc. A security vulnerability exists in Qualitor version 8.24 and earlier, which stems from vulnerability to a Remote Code Execution RCE attack that can be exploited by an attacker via an arbitrary file upload i...

9.8CVSS7.4AI score0.46301EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/09/09 12:0 a.m.20 views

CVE-2024-44849

Qualitor up to 8.24 is vulnerable to Remote Code Execution RCE via Arbitrary File Upload in checkAcesso.php...

0.46301EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/09/09 12:0 a.m.6 views

PT-2024-31278 · Qualitor · Qualitor

Name of the Vulnerable Software and Affected Versions: Qualitor versions up to 8.24 Description: The issue concerns Remote Code Execution RCE via Arbitrary File Upload in the checkAcesso.php file. This allows for the execution of remote code, potentially leading to unauthorized access and control...

9.8CVSS7AI score0.46301EPSS
Exploits1References12
CVE
CVE
added 2024/09/09 12:0 a.m.71 views

CVE-2024-44849

Qualitor # Answer with one JSON object as required. The insight is in Markdown format and concise. If you need a shorter version, I can provide it. However, ensure it adheres to the given structure. Nonetheless, this retains all supported factual details from the documents. If you'd like me to ta...

9.8CVSS7.5AI score0.46301EPSS
In wildExploits1References3Affected Software1
Rows per page
Query Builder