Filtered by vendor Quiter
Subscriptions
Filtered by product Quiter Gateway
Subscriptions
Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-40715 | 1 Quiter | 1 Quiter Gateway | 2025-10-18 | 9.8 Critical |
| SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo mensaje in /QISClient/api/v1/sucesospaginas. | ||||
| CVE-2025-40716 | 1 Quiter | 1 Quiter Gateway | 2025-10-18 | 9.8 Critical |
| SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the suceso.contenido mensaje in /QMSCliente/Sucesos.action. | ||||
| CVE-2025-40717 | 1 Quiter | 1 Quiter Gateway | 2025-10-18 | 9.8 Critical |
| SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pagina.filter.categoria mensaje in /QuiterGatewayWeb/api/v1/sucesospagina. | ||||
| CVE-2025-40718 | 1 Quiter | 1 Quiter Gateway | 2025-10-18 | 7.5 High |
| Improper error handling vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to send malformed payloads to generate error messages containing sensitive information. | ||||
| CVE-2025-40719 | 1 Quiter | 1 Quiter Gateway | 2025-10-18 | 6.1 Medium |
| Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the id_concesion parameter in /<Client>FacturaE/VerFacturaPDF. | ||||
| CVE-2025-40720 | 1 Quiter | 1 Quiter Gateway | 2025-10-18 | 6.1 Medium |
| Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the campo parameter in /<Client>FacturaE/VerFacturaPDF. | ||||
| CVE-2025-40721 | 1 Quiter | 1 Quiter Gateway | 2025-10-18 | 5.4 Medium |
| Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the id_factura parameter in /<Client>FacturaE/listado_facturas_ficha.jsp. | ||||
| CVE-2025-40711 | 1 Quiter | 1 Quiter Gateway | 2025-10-15 | 9.8 Critical |
| SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the id_concesion parameter in /<Client>FacturaE/VerFacturaPDF. | ||||
| CVE-2025-40712 | 1 Quiter | 1 Quiter Gateway | 2025-10-15 | 9.8 Critical |
| SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the id_concesion parameter in /<Client>FacturaE/DescargarFactura. | ||||
| CVE-2025-40713 | 1 Quiter | 1 Quiter Gateway | 2025-10-15 | 9.8 Critical |
| SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo parameter in/<Client>FacturaE/BusquedasFacturasSesion. | ||||
| CVE-2025-40714 | 1 Quiter | 1 Quiter Gateway | 2025-10-15 | 9.8 Critical |
| SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo id_factura in /<Client>FacturaE/listado_facturas_ficha.jsp. | ||||
Page 1 of 1.