exploitDog

GHSA-5jvh-x22f-4wj2

Опубликовано: 08 июл. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 9.3

CVSS3: 9.8

Описание

SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo mensaje in /QISClient/api/v1/sucesospaginas.

SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo mensaje in /QISClient/api/v1/sucesospaginas.

Ссылки

EPSS

Процентиль: 10%

0.00036

Низкий

9.3 Critical

CVSS4

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-40715

CVSS3: 9.8

nvd

7 месяцев назад

SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo mensaje in /QISClient/api/v1/sucesospaginas.

EPSS

Процентиль: 10%

0.00036

Низкий

9.3 Critical

CVSS4

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89