CNNVD-202511-3059 Information

CNNVD ID

CNNVD-202511-3059

Related CVE

CVE-2025-13792

• CNNVD Published: 2025-11-30

Description (Chinese)

Qualitor是Qualitor公司的一个管理服务流程和集中服务平台。 Qualitor 8.20版本和8.24版本存在代码注入漏洞，该漏洞源于文件/html/st/stdeslocamento/request/getResumo.php中参数passageiros的错误操作，可能导致代码注入攻击。

Description (English)

Qualitor is a Qualitor management service process and centralized service platform. Qualitor 8.20 and 8.24 had a code injection loophole, which stemmed from the error of the parameter passageiros in document /html/st/stdeslomento/request/getRemo.php, which could lead to a code injection attack.

Hazard Level

Medium

Vulnerability Type

代码注入

Affected Vendor

Qualitor

Published

2025-11-30

Last Modified

2026-02-24

References

https://www.youtube.com/watch?v=hU8YbFc6KpI https://vuldb.com/?ctiid.333796 https://vuldb.com/?submit.704314 https://www.qualitor.com.br/official-security-advisory-cve-2025-13792 https://vuldb.com/?submit.691251 https://vuldb.com/?id.333796 https://access.redhat.com/security/cve/cve-2025-13792