Filtered by vendor Atisoluciones
Subscribe
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-2722 | 1 Atisoluciones | 1 Ciges | 2025-10-15 | N/A | 9.8 CRITICAL |
| SQL injection vulnerability in the CIGESv2 system, through /ajaxConfigTotem.php, in the 'id' parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query. | |||||
| CVE-2024-2723 | 1 Atisoluciones | 1 Ciges | 2025-10-15 | N/A | 9.8 CRITICAL |
| SQL injection vulnerability in the CIGESv2 system, through /ajaxSubServicios.php, in the 'idServicio' parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query. | |||||
| CVE-2024-2724 | 1 Atisoluciones | 1 Ciges | 2025-10-15 | N/A | 9.8 CRITICAL |
| SQL injection vulnerability in the CIGESv2 system, through /ajaxServiciosAtencion.php, in the 'idServicio' parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query. | |||||
| CVE-2024-2725 | 1 Atisoluciones | 1 Ciges | 2025-10-15 | N/A | 7.5 HIGH |
| Information exposure vulnerability in the CIGESv2 system. A remote attacker might be able to access /vendor/composer/installed.json and retrieve all installed packages used by the application. | |||||
| CVE-2024-2726 | 1 Atisoluciones | 1 Ciges | 2025-10-15 | N/A | 6.1 MEDIUM |
| Stored Cross-Site Scripting (Stored-XSS) vulnerability affecting the CIGESv2 system, allowing an attacker to execute and store malicious javascript code in the application form without prior registration. | |||||
| CVE-2024-2727 | 1 Atisoluciones | 1 Ciges | 2025-10-15 | N/A | 6.1 MEDIUM |
| HTML injection vulnerability affecting the CIGESv2 system, which allows an attacker to inject arbitrary code and modify elements of the website and email confirmation message. | |||||
| CVE-2024-2728 | 1 Atisoluciones | 1 Ciges | 2025-10-15 | N/A | 4.1 MEDIUM |
| Information exposure vulnerability in the CIGESv2 system. This vulnerability could allow a local attacker to intercept traffic due to the lack of proper implementation of the TLS protocol. | |||||