CVE-2021-42258

BQE BillQuick Web Suite SQL Injection Vulnerability

BQE BillQuick Web Suite contains an SQL injection vulnerability when accessing the username parameter that may allow for unauthenticated, remote code execution. Vendor/Product: BQE BillQuick Web Suite. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2021-42258