cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2024-38642,https://securityvulnerability.io/vulnerability/CVE-2024-38642,QuMagie Vulnerability Could Allow Local Network Users to Compromise Security,"An improper certificate validation vulnerability has been identified in QuMagie by QNAP, which allows local network users to potentially compromise the security of the system. This vulnerability arises from the inadequate validation of certificate authenticity. If successfully exploited, it could expose sensitive system components to unauthorized access. The issue has been addressed in QuMagie version 2.3.1 and later, emphasizing the importance of upgrading to maintain security integrity.",QNAP,Qumagie,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-09-06T16:29:44.378Z,0 CVE-2023-47219,https://securityvulnerability.io/vulnerability/CVE-2023-47219,QuMagie,"A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.2.1 and later ",QNAP,QuMagie,3.5,LOW,0.0007399999885819852,false,false,false,false,,false,false,2024-01-05T17:15:00.000Z,0 CVE-2023-47559,https://securityvulnerability.io/vulnerability/CVE-2023-47559,QuMagie,"A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.2.1 and later ",QNAP,QuMagie,5.5,MEDIUM,0.0005300000193528831,false,false,false,false,,false,false,2024-01-05T17:15:00.000Z,0 CVE-2023-47560,https://securityvulnerability.io/vulnerability/CVE-2023-47560,QuMagie,"An OS command injection vulnerability has been identified in QuMagie that allows authenticated users to execute arbitrary commands over the network. Exploitation of this vulnerability could lead to unauthorized system access and command execution, posing significant risks to user data and system integrity. The issue has been resolved in QuMagie version 2.2.1 and later, and users are advised to upgrade to these versions to mitigate potential threats.",QNAP,QuMagie,7.4,HIGH,0.0008699999889358878,false,false,false,false,,false,false,2024-01-05T17:15:00.000Z,0 CVE-2023-39295,https://securityvulnerability.io/vulnerability/CVE-2023-39295,QuMagie,"An OS command injection vulnerability in QuMagie allows authenticated users to execute arbitrary commands from a network interface. This poses significant security risks, enabling attackers to manipulate system functions or access sensitive data. The issue has been addressed in version 2.1.3 and later, ensuring that users upgrade to mitigate potential threats.",QNAP,Qumagie,8.8,HIGH,0.0011099999537691474,false,false,false,false,,false,false,2023-11-10T16:15:00.000Z,0 CVE-2023-41284,https://securityvulnerability.io/vulnerability/CVE-2023-41284,QuMagie,"A SQL injection vulnerability has been identified in the QuMagie application by QNAP. This flaw allows authenticated users to potentially inject malicious SQL code via a network, exploiting the application's input validation weaknesses. It is essential for users to upgrade to QuMagie version 2.1.4 or later to mitigate the risk associated with this vulnerability. For further details and security advisories, visit the official QNAP security page.",QNAP,Qumagie,7.4,HIGH,0.0007399999885819852,false,false,false,false,,false,false,2023-11-10T16:15:00.000Z,0 CVE-2023-41285,https://securityvulnerability.io/vulnerability/CVE-2023-41285,QuMagie,"A SQL injection vulnerability has been detected in QuMagie, allowing authenticated users to execute unauthorized commands through malicious code injection. This issue could potentially compromise the integrity and security of the application's data. QNAP has addressed this concern by releasing a fix in QuMagie version 2.1.4 and later, rendering earlier versions susceptible to exploitation.",QNAP,Qumagie,7.4,HIGH,0.0007399999885819852,false,false,false,false,,false,false,2023-11-10T16:15:00.000Z,0