Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter.
History

Mon, 07 Jul 2025 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Qualitor qualitor
CPEs cpe:2.3:a:qualitor:qualitor:*:*:*:*:*:*:*:*
Vendors & Products Qualitor qualitor

Thu, 12 Jun 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 12 Jun 2025 16:45:00 +0000

Type Values Removed Values Added
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-11-06T00:00:00.000Z

Updated: 2025-06-12T16:38:22.382Z

Reserved: 2023-11-05T00:00:00.000Z

Link: CVE-2023-47253

cve-icon Vulnrichment

Updated: 2024-08-02T21:09:35.888Z

cve-icon NVD

Status : Analyzed

Published: 2023-11-06T06:15:40.957

Modified: 2025-07-07T18:50:25.087

Link: CVE-2023-47253

cve-icon Redhat

No data.