Mtzsec

**Name of the Vulnerable Software and Affected Versions** Qualitor versions prior to 8.20.105 and prior to 8.24.98 **Description** A security flaw exists in Qualitor that allows for code injection. The `eval` function within the file `/html/st/stdeslocamento/request/getResumo.php` is affected. Manipulation of the `passageiros` argument can lead to code injection, and remote exploitation is possible. The exploit for this issue has been publicly released. **Recommendations** Qualitor versions prior to 8.20.105 should be upgraded. Qualitor versions prior to 8.24.98 should be upgraded.