Atisoluciones CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (7 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-2722	2 Atisoluciones, Ciges	2 Ciges, Cigesv2	2025-10-15	9.8 Critical
SQL injection vulnerability in the CIGESv2 system, through /ajaxConfigTotem.php, in the 'id' parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query.
CVE-2024-2723	2 Atisoluciones, Ciges	2 Ciges, Cigesv2	2025-10-15	9.8 Critical
SQL injection vulnerability in the CIGESv2 system, through /ajaxSubServicios.php, in the 'idServicio' parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query.
CVE-2024-2724	2 Atisoluciones, Ciges	2 Ciges, Cigesv2	2025-10-15	9.8 Critical
SQL injection vulnerability in the CIGESv2 system, through /ajaxServiciosAtencion.php, in the 'idServicio' parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query.
CVE-2024-2725	2 Atisoluciones, Ciges	2 Ciges, Cigesv2	2025-10-15	7.5 High
Information exposure vulnerability in the CIGESv2 system. A remote attacker might be able to access /vendor/composer/installed.json and retrieve all installed packages used by the application.
CVE-2024-2726	2 Atisoluciones, Ciges	2 Ciges, Cigesv2	2025-10-15	6.1 Medium
Stored Cross-Site Scripting (Stored-XSS) vulnerability affecting the CIGESv2 system, allowing an attacker to execute and store malicious javascript code in the application form without prior registration.
CVE-2024-2727	2 Atisoluciones, Ciges	2 Ciges, Cigesv2	2025-10-15	6.1 Medium
HTML injection vulnerability affecting the CIGESv2 system, which allows an attacker to inject arbitrary code and modify elements of the website and email confirmation message.
CVE-2024-2728	2 Atisoluciones, Ciges	2 Ciges, Cigesv2	2025-10-15	4.1 Medium
Information exposure vulnerability in the CIGESv2 system. This vulnerability could allow a local attacker to intercept traffic due to the lack of proper implementation of the TLS protocol.

Page 1 of 1.