9 matches found
EUVD-2025-20459
Malicious code in bioql PyPI...
CVE-2025-40715
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo mensaje in /QISClient/api/v1/sucesospaginas...
CVE-2025-40721
Reflected Cross-site Scripting XSS vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the idfactura parameter in /FacturaE/listadofacturasficha.jsp...
CVE-2025-40718
Improper error handling vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to send malformed payloads to generate error messages containing sensitive information...
CVE-2025-40711
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the idconcesion parameter in /FacturaE/VerFacturaPDF...
CVE-2025-40721 Reflected Cross-site Scripting (XSS) vulnerability in Quiter Gateway
Reflected Cross-site Scripting XSS vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the idfactura parameter in /FacturaE/listadofacturasficha.jsp...
CVE-2025-40718
CVE-2025-40718 : Affected product is Quiter Gateway (Quiter). The vulnerability arises from improper error handling in versions prior to 4.7.0, which can cause the system to generate error messages containing sensitive information when presented with malformed payloads. The CVE is supported by mu...
CVE-2025-40717
CVE-2025-40717 affects Quiter Gateway prior to 4.7.0. The vulnerability is an SQL injection in the pagina.filter.categoria mensaje parameter of the /QuiterGatewayWeb/api/v1/sucesospagina endpoint, enabling an attacker to retrieve, create, update, and delete databases. Root cause is an injectable ...
PT-2025-28412 · Unknown · Quiter Gateway
Name of the Vulnerable Software and Affected Versions: Quiter Gateway versions prior to 4.7.0 Description: The issue allows an attacker to retrieve, create, update, and delete databases through the "pagina.filter.categoria mensaje" in the "/QuiterGatewayWeb/api/v1/sucesospagina" endpoint. This...