VYPR

Qualitor

by Qualitor

CVEs (7)

  • CVE-2025-13792HigNov 30, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in Qualitor up to 8.20.104/8.24.97. Affected by this vulnerability is the function eval of the file /html/st/stdeslocamento/request/getResumo.php. Performing a manipulation of the argument passageiros results in code injection. Remote…

  • CVE-2025-5139MedMay 25, 2025
    risk 0.37cvss 5.6epss 0.03

    A vulnerability was found in Qualitor 8.20/8.24. It has been rated as critical. Affected by this issue is some unknown functionality of the file /html/ad/adconexaooffice365/request/testaConexaoOffice365.php of the component Office 365-type Connection Handler. The manipulation of…

  • CVE-2025-14580LowDec 12, 2025
    risk 0.23cvss 3.5epss 0.00

    A security vulnerability has been detected in Qualitor up to 8.24.73. The impacted element is an unknown function of the file /Qualitor/html/bc/bcdocumento9/biblioteca/request/viewDocumento.php. Such manipulation of the argument cdscript leads to cross site scripting. It is…

  • CVE-2023-47253Nov 6, 2023
    risk 0.08cvss epss 0.14

    Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter.

  • CVE-2024-48360Oct 31, 2024
    risk 0.07cvss epss 0.04

    Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /request/viewValidacao.php.

  • CVE-2024-44849Sep 9, 2024
    risk 0.07cvss epss 0.46

    Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in checkAcesso.php.

  • CVE-2024-48359Oct 31, 2024
    risk 0.03cvss epss 0.02

    Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter.