2 results (0.003 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-48359
https://notcve.org/view.php?id=CVE-2024-48359
31 Oct 2024 — Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter. • https://github.com/OpenXP-Research/CVE-2024-48359 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2024-48360 – Qualitor 8.24 Server-Side Request Forgery
https://notcve.org/view.php?id=CVE-2024-48360
31 Oct 2024 — Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /request/viewValidacao.php. Qualitor versions 8.24 and below suffer from an unauthenticated server-side request forgery vulnerability. • https://packetstorm.news/files/id/182427 • CWE-918: Server-Side Request Forgery (SSRF) •