Qumagie

qumagie

Vendor: Qnap • 10 CVEs

CVEs (10)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-62857 1Qnap 1Qumagie Jan 5, 2026 Jan 2, 2026 2.2 LOW· v4 6.1 MEDIUM· v3 N/A· v2 A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the v...Show more A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: QuMagie 2.8.1 and laterShow less
CVE-2025-58464 1Qnap 1Qumagie Nov 14, 2025 Nov 7, 2025 7.8 HIGH· v4 7.5 HIGH· v3 N/A· v2 A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed t...Show more A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: QuMagie 2.7.3 and laterShow less
CVE-2025-52425 1Qnap 1Qumagie Nov 14, 2025 Nov 7, 2025 9.5 CRITICAL· v4 9.8 CRITICAL· v3 N/A· v2 An SQL injection vulnerability has been reported to affect QuMagie. A remote attacker can exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following vers...Show more An SQL injection vulnerability has been reported to affect QuMagie. A remote attacker can exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QuMagie 2.7.0 and laterShow less
CVE-2024-38642 1Qnap 1Qumagie Sep 16, 2024 Sep 6, 2024 1.0 LOW· v4 7.8 HIGH· v3 N/A· v2 An improper certificate validation vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow local network users to compromise the security of the system via unspecified vectors. We...Show more An improper certificate validation vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow local network users to compromise the security of the system via unspecified vectors. We have already fixed the vulnerability in the following version: QuMagie 2.3.1 and laterShow less
CVE-2023-47560 1Qnap 1Qumagie Nov 21, 2024 Jan 5, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in th...Show more An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: QuMagie 2.2.1 and later Show less
CVE-2023-47559 1Qnap 1Qumagie Nov 21, 2024 Jan 5, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerabi...Show more A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.2.1 and later Show less
CVE-2023-47219 1Qnap 1Qumagie Nov 21, 2024 Jan 5, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the f...Show more A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.2.1 and later Show less
CVE-2023-41285 1Qnap 1Qumagie Nov 21, 2024 Nov 10, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the f...Show more A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.1.4 and later Show less
CVE-2023-41284 1Qnap 1Qumagie Nov 21, 2024 Nov 10, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the f...Show more A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.1.4 and later Show less
CVE-2023-39295 1Qnap 1Qumagie Nov 21, 2024 Nov 10, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in th...Show more An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: QuMagie 2.1.3 and later Show less