Rubén Barberá Pérez

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned. **Description** The file upload functionality is not implemented correctly, allowing the upload of any type of file. An attacker must log into the application with a valid username to exploit this issue. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The web application does not correctly filter input parameters, allowing for SQL injections, Denial of Service (DoS), or information disclosure. It is necessary to log into the application to exploit this issue. No information is provided about the estimated number of potentially affected devices or real-world incidents. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** QSige Monitor (affected versions not specified) **Description** The QSige Monitor application lacks an access control mechanism to verify if a user has sufficient permissions to access a resource. A user must be logged into the application to exploit this issue. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue allows an attacker to perform stored XSS attacks on certain resources. Exploiting this can lead to a Denial of Service (DoS) condition, among other actions. No information is provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** QSige (affected versions not specified) **Description** The QSige login SSO lacks an access control mechanism to verify if a user has sufficient permissions to request a resource. To exploit this, a user must first log into the application. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** QSige (affected versions not specified) **Description** The QSige login SSO lacks an access control mechanism to verify if a user has sufficient permissions to request a resource. To exploit this, a user must first log into the application. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** QSige (affected versions not specified) **Description** The QSige statistics are affected by a remote SQL injection vulnerability. The web application does not correctly filter input parameters, allowing SQL injections, Denial of Service (DoS), or information disclosure. To exploit this issue, an attacker must first log into the application. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.