agarma

1 exploit Active since Mar 2021
CVE-2020-24913 NOMISEC CRITICAL WORKING POC
qcubed < 3.1.1 and >=0 < 3.2 - Unauthenticated SQL Injection via profile.php strQuery Parameter
A SQL injection vulnerability in qcubed (all versions including 3.1.1) in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request.
CVSS 9.8