CVE-2021-42258: BQE BillQuick Web Suite SQL Injection Vulnerability. BQE

BQE BillQuick Web Suite SQL Injection Vulnerability. BQE BillQuick Web Suite contains an SQL injection vulnerability when accessing the username parameter that may allow for unauthenticated, remote code execution.

• CISA KEV-listed (remediation due 2021-11-17)
• used in ransomware campaigns
• EPSS 94.1% (99.9% percentile)

Browse the CVE database

Read the full analysis on IntelFusions