Skip to main content

Qsige

7 CVEs product

Monthly

CVE-2023-4103 HIGH This Week

QSige statistics are affected by a remote SQLi vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SQLi Qsige
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-4102 HIGH This Week

QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Qsige
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-4101 MEDIUM This Month

The QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Qsige
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-4100 HIGH This Week

Allows an attacker to perform XSS attacks stored on certain resources. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Qsige
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2023-4099 MEDIUM This Month

The QSige Monitor application does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Qsige
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-4098 HIGH This Week

It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SQLi Qsige
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-4097 HIGH This Week

The file upload functionality is not implemented correctly and allows uploading of any type of file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Qsige
NVD
CVSS 3.1
8.8
EPSS
0.5%
EPSS 0% CVSS 8.8
HIGH This Week

QSige statistics are affected by a remote SQLi vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SQLi Qsige
NVD
EPSS 1% CVSS 8.8
HIGH This Week

QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Qsige
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

The QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Qsige
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Allows an attacker to perform XSS attacks stored on certain resources. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Qsige
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

The QSige Monitor application does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Qsige
NVD
EPSS 0% CVSS 8.8
HIGH This Week

It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SQLi Qsige
NVD
EPSS 1% CVSS 8.8
HIGH This Week

The file upload functionality is not implemented correctly and allows uploading of any type of file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Qsige
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy