6 matches found
CVE-2025-15237
Summary: CVE-2025-15237 concerns the QOCA aim AI Medical Cloud Platform from Quanta Computer, which is reported to have an Absolute Path Traversal vulnerability that enables an authenticated remote attacker to read folder names under a given path. The available sources (NVD, Red Hat, CNNVD, CVE L...
CVE-2025-15239
CVE-2025-15239 concerns the QOCA aim AI Medical Cloud Platform from Quanta Computer. The connected sources confirm a SQL Injection vulnerability that enables authenticated remote attackers to inject arbitrary SQL commands to read database contents. The available metrics indicate CVSS v3.1 base sc...
CVE-2025-15240
CVE-2025-15240 concerns Quanta Computer’s QOCA aim AI Medical Cloud Platform. Multiple trusted sources confirm an Arbitrary File Upload vulnerability that enables an authenticated remote attacker to upload and execute a WebShell backdoor, resulting in arbitrary code execution on the affected serv...
CVE-2025-15238
CVE-2025-15238 affects QOCA aim AI Medical Cloud Platform by Quanta Computer. It describes an SQL Injection vulnerability that allows authenticated remote attackers to inject arbitrary SQL commands to read database contents. The connected documents provide no concrete details on affected versions...
CVE-2025-15235
The CVE-2025-15235 entry concerns Quanta Computer’s QOCA aim AI Medical Cloud Platform, where a Missing Authorization flaw allows authenticated remote attackers to modify network packet parameters and access other users’ files. Affected component is the QOCA platform (no detailed version info pro...
CVE-2025-15236
QOCA aim AI Medical Cloud Platform (Quanta Computer) is affected by an Absolute Path Traversal vulnerability that allows authenticated remote attackers to read folder names under a specified path. Public sources across multiple feeds (NVD, Red Hat, CVE listing, CNNVD, CIRCL, EUVD, PT Security) de...