IDM Sistemas QSige Security Vulnerabilities
QSige statistics are affected by a remote SQLi vulnerability. It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the...
8.8CVSS
7.8AI Score
0.001EPSS
QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the...
8.8CVSS
7.3AI Score
0.001EPSS
The QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the...
6.5CVSS
7.3AI Score
0.0005EPSS
The file upload functionality is not implemented correctly and allows uploading of any type of file. As a prerequisite, it is necessary for the attacker to log into the application with a valid...
8.8CVSS
8.6AI Score
0.001EPSS
Allows an attacker to perform XSS attacks stored on certain resources. Exploiting this vulnerability can lead to a DoS condition, among other...
8.2CVSS
7.7AI Score
0.0004EPSS
The QSige Monitor application does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the...
6.5CVSS
6.4AI Score
0.0005EPSS
It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the...
8.8CVSS
8.5AI Score
0.001EPSS