Description

Acunetix detected BillQuick Web Suite. This version has several SQL injection vulnerabilities. Successful attacks of these vulnerabilities can result in takeover of the server.

Remediation

Upgrade to the latest version of BillQuick Web Suite

References

Hackers Are Exploiting a Vulnerability in Popular Billing Software to Deploy Ransomware

Related Vulnerabilities

WordPress Plugin The Sorter SQL Injection (1.0)

WordPress Plugin Blogger To WordPress SQL Injection (2.2.1)

WordPress Plugin UPM Polls 'qid' Parameter SQL Injection (1.0.3)

WordPress Plugin WORDPRESS VIDEO GALLERY SQL Injection (2.8)

WordPress Plugin Slimstat Analytics SQL Injection (5.0.4)

Severity

High

Classification

CVE-2021-42258 CWE-89 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

Tags

SQL Injection