Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter.
References
| Link | Resource |
|---|---|
| https://github.com/OpenXP-Research/CVE-2024-48359 | Exploit Third Party Advisory |
| https://www.qualitor.com.br/official-security-advisory-cve-2024-48359 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
01 Jul 2025, 20:36
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:qualitor:qualitor:8.24:*:*:*:*:*:*:* cpe:2.3:a:qualitor:qualitor:8.20:*:*:*:*:*:*:* |
|
| References | () https://github.com/OpenXP-Research/CVE-2024-48359 - Exploit, Third Party Advisory | |
| References | () https://www.qualitor.com.br/official-security-advisory-cve-2024-48359 - Vendor Advisory | |
| First Time |
Qualitor qualitor
Qualitor |
12 Jun 2025, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
|
| Summary |
|
01 Nov 2024, 21:35
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-94 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
31 Oct 2024, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-10-31 20:15
Updated : 2025-07-01 20:36
NVD link : CVE-2024-48359
Mitre link : CVE-2024-48359
CVE.ORG link : CVE-2024-48359
JSON object : View
Products Affected
qualitor
- qualitor
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')