Description

Acunetix detected BillQuick Web Suite. This version has several SQL injection vulnerabilities. Successful attacks of these vulnerabilities can result in takeover of the server.

Remediation

Upgrade to the latest version of BillQuick Web Suite

References

Hackers Are Exploiting a Vulnerability in Popular Billing Software to Deploy Ransomware

Related Vulnerabilities

WordPress Plugin Fancy Product Designer-WooCommerce SQL Injection (4.7.4)

WordPress Plugin Quartz SQL Injection (1.01.1)

WordPress Plugin Good LMS-Learning Management System SQL Injection (2.1.4)

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (3.6.3)

WordPress Plugin Email Before Download SQL Injection (3.4)

Severity

High

Classification

CVE-2021-42258 CWE-89 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

Tags

SQL Injection