Exposures › CVE-2020-24913
A SQL injection vulnerability in qcubed (all versions including 3.1.1) in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request.
A SQL injection vulnerability in qcubed (all versions including 3.1.1) in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request.
“BREAKING: Apple accuses an OpenAI employee of hacking its systems, downloading unreleased product files, & celebrating the breach as 'so funny.'”
“A SQL injection vulnerability in qcubed (all versions including 3.1.1) in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request.”
“Accenture Confirms Intrusion After Hacker Claims 35GB Data Breach”
“Over 84,000 Roundcube webmail servers remain exposed to a critical RCE flaw (CVE-2025-49113) despite a June 2025 patch fixing the vulnerability.”
“Hackers exploit Roundcube flaw to spy on academic researchers”
“'Ghostcommit' hides prompt injection in images to fool AI agents, steal secrets”
“CVE 2020-24913 is a critical vulnerability in qcubed.”
No correlated FedRAMP products.