← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-42258 — Actively Exploited: BillQuick Web Suite (BQE)

BQE BillQuick Web Suite contains an SQL injection vulnerability when accessing the username parameter that may allow for unauthenticated, remote code execution.

CVE IDCVE-2021-42258
VendorBQE
ProductBillQuick Web Suite
Vulnerability nameBQE BillQuick Web Suite SQL Injection Vulnerability
Date added2021-11-03
Remediation due2021-11-17
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionBQE BillQuick Web Suite contains an SQL injection vulnerability when accessing the username parameter that may allow for unauthenticated, remote code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →