Exposures › CVE-2021-42258

CVE-2021-42258

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-11-03
Reference
⚡ RCE ⌖ exploited in the wild shame 95/100 ransomwarerceexploited-in-wild

BQE BillQuick Web Suite contains an SQL injection vulnerability when accessing the username parameter that may allow for unauthenticated, remote code execution.

Players implicated

Description

BQE BillQuick Web Suite contains an SQL injection vulnerability when accessing the username parameter that may allow for unauthenticated, remote code execution.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.