Vulnerabilities > Quicklert

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2021-43969 SQL Injection vulnerability in Quicklert 10.0.0
The login.jsp page of Quicklert for Digium 10.0.0 (1043) is affected by both Blind SQL Injection with Out-of-Band Interaction (DNS) and Blind Time-Based SQL Injections.
network
low complexity
quicklert CWE-89
7.8
2022-03-10 CVE-2021-43970 Unrestricted Upload of File with Dangerous Type vulnerability in Quicklert 10.0.0
An arbitrary file upload vulnerability exists in albumimages.jsp in Quicklert for Digium 10.0.0 (1043) via a .mp3;.jsp filename for a file that begins with audio data bytes.
network
low complexity
quicklert CWE-434
critical
9.0