Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple vulnerabilities in IDM Sistemas QSige
Vulnerability Description
QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
IDM Sistemas QSige SQL注入漏洞
Vulnerability Description
IDM Sistemas QSige是IDM Sistemas公司的一个通信管理系统。 IDM Sistemas QSige存在安全漏洞,该漏洞源于没有访问控制机制来验证请求资源的用户是否具有足够的权限来执行此操作。
CVSS Information
N/A
Vulnerability Type
N/A