Filtered by vendor Quiter
Subscribe
Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-40715 | 1 Quiter | 1 Quiter Gateway | 2025-10-18 | N/A | 9.8 CRITICAL |
|
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo mensaje in /QISClient/api/v1/sucesospaginas.
|
|||||
| CVE-2025-40716 | 1 Quiter | 1 Quiter Gateway | 2025-10-18 | N/A | 9.8 CRITICAL |
|
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the suceso.contenido mensaje in /QMSCliente/Sucesos.action.
|
|||||
| CVE-2025-40717 | 1 Quiter | 1 Quiter Gateway | 2025-10-18 | N/A | 9.8 CRITICAL |
|
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pagina.filter.categoria mensaje in /QuiterGatewayWeb/api/v1/sucesospagina.
|
|||||
| CVE-2025-40718 | 1 Quiter | 1 Quiter Gateway | 2025-10-18 | N/A | 7.5 HIGH |
|
Improper error handling vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to send malformed payloads to generate error messages containing sensitive information.
|
|||||
| CVE-2025-40719 | 1 Quiter | 1 Quiter Gateway | 2025-10-18 | N/A | 6.1 MEDIUM |
|
Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the id_concesion parameter in /<Client>FacturaE/VerFacturaPDF.
|
|||||
| CVE-2025-40720 | 1 Quiter | 1 Quiter Gateway | 2025-10-18 | N/A | 6.1 MEDIUM |
|
Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the campo parameter in /<Client>FacturaE/VerFacturaPDF.
|
|||||
| CVE-2025-40721 | 1 Quiter | 1 Quiter Gateway | 2025-10-18 | N/A | 5.4 MEDIUM |
|
Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the id_factura parameter in /<Client>FacturaE/listado_facturas_ficha.jsp.
|
|||||
| CVE-2025-40711 | 1 Quiter | 1 Quiter Gateway | 2025-10-15 | N/A | 9.8 CRITICAL |
|
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the id_concesion parameter in /<Client>FacturaE/VerFacturaPDF.
|
|||||
| CVE-2025-40712 | 1 Quiter | 1 Quiter Gateway | 2025-10-15 | N/A | 9.8 CRITICAL |
|
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the id_concesion parameter in /<Client>FacturaE/DescargarFactura.
|
|||||
| CVE-2025-40713 | 1 Quiter | 1 Quiter Gateway | 2025-10-15 | N/A | 9.8 CRITICAL |
|
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo parameter in/<Client>FacturaE/BusquedasFacturasSesion.
|
|||||
| CVE-2025-40714 | 1 Quiter | 1 Quiter Gateway | 2025-10-15 | N/A | 9.8 CRITICAL |
|
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo id_factura in /<Client>FacturaE/listado_facturas_ficha.jsp.
|
|||||