Qsige
CVEs (5)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-4103 | 0.00 | — | 0.00 | Oct 3, 2023 | QSige statistics are affected by a remote SQLi vulnerability. It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the application. | ||
| CVE-2023-4102 | 0.00 | — | 0.00 | Oct 3, 2023 | QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application. | ||
| CVE-2023-4101 | 0.00 | — | 0.00 | Oct 3, 2023 | The QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application. | ||
| CVE-2023-4100 | 0.00 | — | 0.00 | Oct 3, 2023 | Allows an attacker to perform XSS attacks stored on certain resources. Exploiting this vulnerability can lead to a DoS condition, among other actions. | ||
| CVE-2023-4097 | 0.00 | — | 0.00 | Oct 3, 2023 | The file upload functionality is not implemented correctly and allows uploading of any type of file. As a prerequisite, it is necessary for the attacker to log into the application with a valid username. |
- CVE-2023-4103Oct 3, 2023risk 0.00cvss —epss 0.00
QSige statistics are affected by a remote SQLi vulnerability. It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the application.
- CVE-2023-4102Oct 3, 2023risk 0.00cvss —epss 0.00
QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application.
- CVE-2023-4101Oct 3, 2023risk 0.00cvss —epss 0.00
The QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application.
- CVE-2023-4100Oct 3, 2023risk 0.00cvss —epss 0.00
Allows an attacker to perform XSS attacks stored on certain resources. Exploiting this vulnerability can lead to a DoS condition, among other actions.
- CVE-2023-4097Oct 3, 2023risk 0.00cvss —epss 0.00
The file upload functionality is not implemented correctly and allows uploading of any type of file. As a prerequisite, it is necessary for the attacker to log into the application with a valid username.