CVE-2021-42258 - BQE BillQuick Web Suite SQL Injection Vulnerability
Project:BQE
Product:BillQuick Web Suite
Date Added:2021-11-03Due Date:2021-11-17
Vulnerability Name
BQE BillQuick Web Suite SQL Injection Vulnerability
Description
BQE BillQuick Web Suite contains an SQL injection vulnerability when accessing the username parameter that may allow for unauthenticated, remote code execution.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-42258