Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2021-42258

BQE | BillQuick Web SuiteAdded 2021-11-03Remediation Deadline 2021-11-17Active Ransomware Campaign

BQE BillQuick Web Suite SQL Injection Vulnerability

BQE BillQuick Web Suite contains an SQL injection vulnerability when accessing the username parameter that may allow for unauthenticated, remote code execution.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-89

References