Qsige
Monthly
QSige statistics are affected by a remote SQLi vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Allows an attacker to perform XSS attacks stored on certain resources. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The QSige Monitor application does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The file upload functionality is not implemented correctly and allows uploading of any type of file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
QSige statistics are affected by a remote SQLi vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Allows an attacker to perform XSS attacks stored on certain resources. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The QSige Monitor application does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The file upload functionality is not implemented correctly and allows uploading of any type of file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.