Shodan
Vulnerabilities
Vulnerable Software
Quiter:  Security Vulnerabilities
CVE-2025-40719
Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the id_concesion parameter in /<Client>FacturaE/VerFacturaPDF.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-07-08
CVE-2025-40720
Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the campo parameter in /<Client>FacturaE/VerFacturaPDF.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-07-08
CVE-2025-40721
Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the id_factura parameter in /<Client>FacturaE/listado_facturas_ficha.jsp.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-07-08
CVE-2025-40712
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the id_concesion parameter in /<Client>FacturaE/DescargarFactura.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-07-08
CVE-2025-40713
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo parameter in/<Client>FacturaE/BusquedasFacturasSesion.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-07-08
CVE-2025-40714
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo id_factura in /<Client>FacturaE/listado_facturas_ficha.jsp.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-07-08
CVE-2025-40715
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo mensaje in /QISClient/api/v1/sucesospaginas.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-07-08
CVE-2025-40716
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the suceso.contenido mensaje in /QMSCliente/Sucesos.action.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-07-08
CVE-2025-40717
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pagina.filter.categoria mensaje in /QuiterGatewayWeb/api/v1/sucesospagina.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-07-08
CVE-2025-40718
Improper error handling vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to send malformed payloads to generate error messages containing sensitive information.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-07-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved