Vulnerabilites related to qualitor - qualitor
Vulnerability from fkie_nvd
Published
2024-10-31 20:15
Modified
2025-07-01 20:36
Severity ?
Summary
Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /request/viewValidacao.php.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/OpenXP-Research/CVE-2024-48360 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.qualitor.com.br/official-security-advisory-cve-2024-48360 | Vendor Advisory | |
| cve@mitre.org | https://www.qualitor.com.br/qualitor-8-20 | Product |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qualitor:qualitor:8.20:*:*:*:*:*:*:*",
"matchCriteriaId": "41C8B471-E62C-4185-91E8-C4360B35DFD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qualitor:qualitor:8.24:*:*:*:*:*:*:*",
"matchCriteriaId": "40FD775B-0465-4EA0-8E11-97620D8431E1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /request/viewValidacao.php."
},
{
"lang": "es",
"value": " Se descubri\u00f3 que Qualitor v8.24 conten\u00eda Server-Side Request Forgery (SSRF) a trav\u00e9s del componente /request/viewValidacao.php."
}
],
"id": "CVE-2024-48360",
"lastModified": "2025-07-01T20:36:49.963",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-10-31T20:15:05.420",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/OpenXP-Research/CVE-2024-48360"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qualitor.com.br/official-security-advisory-cve-2024-48360"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.qualitor.com.br/qualitor-8-20"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-09 18:15
Modified
2025-07-01 20:37
Severity ?
Summary
Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in checkAcesso.php.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.extencil.me/information-security/cves/cve-2024-44849 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/extencil/CVE-2024-44849?tab=readme-ov-file | Third Party Advisory | |
| cve@mitre.org | https://www.qualitor.com.br/official-security-advisory-cve-2024-44849 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qualitor:qualitor:8.20:*:*:*:*:*:*:*",
"matchCriteriaId": "41C8B471-E62C-4185-91E8-C4360B35DFD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qualitor:qualitor:8.24:*:*:*:*:*:*:*",
"matchCriteriaId": "40FD775B-0465-4EA0-8E11-97620D8431E1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in checkAcesso.php."
},
{
"lang": "es",
"value": "Qualitor hasta 8.24 es vulnerable a la ejecuci\u00f3n remota de c\u00f3digo (RCE) a trav\u00e9s de la carga de archivos arbitrarios en checkAcesso.php."
}
],
"id": "CVE-2024-44849",
"lastModified": "2025-07-01T20:37:06.650",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-09-09T18:15:03.957",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.extencil.me/information-security/cves/cve-2024-44849"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/extencil/CVE-2024-44849?tab=readme-ov-file"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qualitor.com.br/official-security-advisory-cve-2024-44849"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-10-31 20:15
Modified
2025-07-01 20:36
Severity ?
Summary
Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/OpenXP-Research/CVE-2024-48359 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.qualitor.com.br/official-security-advisory-cve-2024-48359 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qualitor:qualitor:8.20:*:*:*:*:*:*:*",
"matchCriteriaId": "41C8B471-E62C-4185-91E8-C4360B35DFD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qualitor:qualitor:8.24:*:*:*:*:*:*:*",
"matchCriteriaId": "40FD775B-0465-4EA0-8E11-97620D8431E1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter."
},
{
"lang": "es",
"value": " Se descubri\u00f3 que Qualitor v8.24 conten\u00eda una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE) a trav\u00e9s del par\u00e1metro gridValoresPopHidden."
}
],
"id": "CVE-2024-48359",
"lastModified": "2025-07-01T20:36:59.297",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-10-31T20:15:05.340",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/OpenXP-Research/CVE-2024-48359"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qualitor.com.br/official-security-advisory-cve-2024-48359"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-06 06:15
Modified
2025-07-07 18:50
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://openxp.xpsec.co/blog/cve-2023-47253 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.linkedin.com/in/hairrison-wenning-4631a4124/ | Not Applicable | |
| cve@mitre.org | https://www.linkedin.com/in/xvinicius/ | Permissions Required | |
| cve@mitre.org | https://www.qualitor.com.br/official-security-advisory-cve-2023-47253 | Vendor Advisory | |
| cve@mitre.org | https://www.qualitor.com.br/qualitor-8-20 | Product, Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | https://openxp.xpsec.co/blog/cve-2023-47253 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.linkedin.com/in/hairrison-wenning-4631a4124/ | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.linkedin.com/in/xvinicius/ | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.qualitor.com.br/qualitor-8-20 | Product, Release Notes |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qualitor:qualitor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A379699-C3DA-4A71-9683-7255148B3D7B",
"versionEndIncluding": "8.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter."
},
{
"lang": "es",
"value": "Qualitor hasta 8.20 permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante c\u00f3digo PHP en el par\u00e1metro html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden."
}
],
"id": "CVE-2023-47253",
"lastModified": "2025-07-07T18:50:25.087",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-11-06T06:15:40.957",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://openxp.xpsec.co/blog/cve-2023-47253"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "https://www.linkedin.com/in/hairrison-wenning-4631a4124/"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "https://www.linkedin.com/in/xvinicius/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qualitor.com.br/official-security-advisory-cve-2023-47253"
},
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Release Notes"
],
"url": "https://www.qualitor.com.br/qualitor-8-20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://openxp.xpsec.co/blog/cve-2023-47253"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://www.linkedin.com/in/hairrison-wenning-4631a4124/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://www.linkedin.com/in/xvinicius/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Release Notes"
],
"url": "https://www.qualitor.com.br/qualitor-8-20"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-05-25 01:15
Modified
2025-06-24 20:29
Severity ?
5.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability was found in Qualitor 8.20/8.24. It has been rated as critical. Affected by this issue is some unknown functionality of the file /html/ad/adconexaooffice365/request/testaConexaoOffice365.php of the component Office 365-type Connection Handler. The manipulation of the argument nmconexao leads to command injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 8.20.56 and 8.24.31 is able to address this issue. It is recommended to upgrade the affected component.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@vuldb.com | https://gist.githubusercontent.com/MatheuZSecurity/fe221fd5b2e5393abf76be42f11f52c3/raw/e8d9c63885f0b83b3374db3d31dbe2c69c868334/poc.sh | Broken Link | |
| cna@vuldb.com | https://vuldb.com/?ctiid.310220 | Permissions Required, VDB Entry | |
| cna@vuldb.com | https://vuldb.com/?id.310220 | Third Party Advisory, VDB Entry | |
| cna@vuldb.com | https://vuldb.com/?submit.572477 | Third Party Advisory, VDB Entry | |
| cna@vuldb.com | https://www.youtube.com/watch?v=Dq4C5s9Uwyo | Exploit |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qualitor:qualitor:8.20:*:*:*:*:*:*:*",
"matchCriteriaId": "41C8B471-E62C-4185-91E8-C4360B35DFD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qualitor:qualitor:8.24:*:*:*:*:*:*:*",
"matchCriteriaId": "40FD775B-0465-4EA0-8E11-97620D8431E1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Qualitor 8.20/8.24. It has been rated as critical. Affected by this issue is some unknown functionality of the file /html/ad/adconexaooffice365/request/testaConexaoOffice365.php of the component Office 365-type Connection Handler. The manipulation of the argument nmconexao leads to command injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 8.20.56 and 8.24.31 is able to address this issue. It is recommended to upgrade the affected component."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en Qualitor 8.20. Se ha clasificado como cr\u00edtica. Este problema afecta a una funcionalidad desconocida del archivo /html/ad/adconexaooffice365/request/testaConexaoOffice365.php. La manipulaci\u00f3n del argumento nmconexao provoca la inyecci\u00f3n de comandos. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Se contact\u00f3 al proveedor con antelaci\u00f3n sobre esta divulgaci\u00f3n, pero no respondi\u00f3."
}
],
"id": "CVE-2025-5139",
"lastModified": "2025-06-24T20:29:44.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "cna@vuldb.com",
"type": "Secondary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.4,
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "PROOF_OF_CONCEPT",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "cna@vuldb.com",
"type": "Secondary"
}
]
},
"published": "2025-05-25T01:15:23.710",
"references": [
{
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
],
"url": "https://gist.githubusercontent.com/MatheuZSecurity/fe221fd5b2e5393abf76be42f11f52c3/raw/e8d9c63885f0b83b3374db3d31dbe2c69c868334/poc.sh"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
],
"url": "https://vuldb.com/?ctiid.310220"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?id.310220"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?submit.572477"
},
{
"source": "cna@vuldb.com",
"tags": [
"Exploit"
],
"url": "https://www.youtube.com/watch?v=Dq4C5s9Uwyo"
}
],
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-47253 (GCVE-0-2023-47253)
Vulnerability from cvelistv5
Published
2023-11-06 00:00
Modified
2025-06-12 16:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:09:35.888Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.linkedin.com/in/xvinicius/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.linkedin.com/in/hairrison-wenning-4631a4124/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.qualitor.com.br/qualitor-8-20"
},
{
"tags": [
"x_transferred"
],
"url": "https://openxp.xpsec.co/blog/cve-2023-47253"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:qualitor:qalitor:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qalitor",
"vendor": "qualitor",
"versions": [
{
"lessThanOrEqual": "8.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-47253",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:44:13.137293Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:48:54.842Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T16:38:22.382Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.linkedin.com/in/xvinicius/"
},
{
"url": "https://www.linkedin.com/in/hairrison-wenning-4631a4124/"
},
{
"url": "https://www.qualitor.com.br/qualitor-8-20"
},
{
"url": "https://openxp.xpsec.co/blog/cve-2023-47253"
},
{
"url": "https://www.qualitor.com.br/official-security-advisory-cve-2023-47253"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-47253",
"datePublished": "2023-11-06T00:00:00.000Z",
"dateReserved": "2023-11-05T00:00:00.000Z",
"dateUpdated": "2025-06-12T16:38:22.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-48360 (GCVE-0-2024-48360)
Vulnerability from cvelistv5
Published
2024-10-31 00:00
Modified
2025-06-12 16:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /request/viewValidacao.php.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:qualitor:qualitor:8.24:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qualitor",
"vendor": "qualitor",
"versions": [
{
"status": "affected",
"version": "8.24"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-48360",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T20:42:39.761688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T20:46:09.798Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /request/viewValidacao.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T16:28:08.957Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.qualitor.com.br/qualitor-8-20"
},
{
"url": "https://github.com/OpenXP-Research/CVE-2024-48360"
},
{
"url": "https://www.qualitor.com.br/official-security-advisory-cve-2024-48360"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-48360",
"datePublished": "2024-10-31T00:00:00.000Z",
"dateReserved": "2024-10-08T00:00:00.000Z",
"dateUpdated": "2025-06-12T16:28:08.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5139 (GCVE-0-2025-5139)
Vulnerability from cvelistv5
Published
2025-05-25 01:00
Modified
2025-06-11 13:38
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability was found in Qualitor 8.20/8.24. It has been rated as critical. Affected by this issue is some unknown functionality of the file /html/ad/adconexaooffice365/request/testaConexaoOffice365.php of the component Office 365-type Connection Handler. The manipulation of the argument nmconexao leads to command injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 8.20.56 and 8.24.31 is able to address this issue. It is recommended to upgrade the affected component.
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.310220 | vdb-entry, technical-description | |
| https://vuldb.com/?ctiid.310220 | signature, permissions-required | |
| https://vuldb.com/?submit.572477 | third-party-advisory | |
| https://www.youtube.com/watch?v=Dq4C5s9Uwyo | media-coverage | |
| https://gist.githubusercontent.com/MatheuZSecurity/fe221fd5b2e5393abf76be42f11f52c3/raw/e8d9c63885f0b83b3374db3d31dbe2c69c868334/poc.sh | broken-link, exploit |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5139",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-28T17:29:16.473374Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-28T17:39:10.057Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Office 365-type Connection Handler"
],
"product": "Qualitor",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "8.20"
},
{
"status": "affected",
"version": "8.24"
},
{
"status": "unaffected",
"version": "8.20.56"
},
{
"status": "unaffected",
"version": "8.24.31"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "matheuzsec (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Qualitor 8.20/8.24. It has been rated as critical. Affected by this issue is some unknown functionality of the file /html/ad/adconexaooffice365/request/testaConexaoOffice365.php of the component Office 365-type Connection Handler. The manipulation of the argument nmconexao leads to command injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 8.20.56 and 8.24.31 is able to address this issue. It is recommended to upgrade the affected component."
},
{
"lang": "de",
"value": "Eine kritische Schwachstelle wurde in Qualitor 8.20/8.24 ausgemacht. Davon betroffen ist unbekannter Code der Datei /html/ad/adconexaooffice365/request/testaConexaoOffice365.php der Komponente Office 365-type Connection Handler. Durch das Beeinflussen des Arguments nmconexao mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 8.20.56 and 8.24.31 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T13:38:12.795Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-310220 | Qualitor Office 365-type Connection testaConexaoOffice365.php command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.310220"
},
{
"name": "VDB-310220 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.310220"
},
{
"name": "Submit #572477 | Qualitor Qualitor Web 8.20. - BD 206 Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.572477"
},
{
"tags": [
"media-coverage"
],
"url": "https://www.youtube.com/watch?v=Dq4C5s9Uwyo"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://gist.githubusercontent.com/MatheuZSecurity/fe221fd5b2e5393abf76be42f11f52c3/raw/e8d9c63885f0b83b3374db3d31dbe2c69c868334/poc.sh"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-23T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-05-23T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-11T15:42:58.000Z",
"value": "VulDB entry last update"
}
],
"title": "Qualitor Office 365-type Connection testaConexaoOffice365.php command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5139",
"datePublished": "2025-05-25T01:00:07.429Z",
"dateReserved": "2025-05-23T18:56:55.098Z",
"dateUpdated": "2025-06-11T13:38:12.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-48359 (GCVE-0-2024-48359)
Vulnerability from cvelistv5
Published
2024-10-31 00:00
Modified
2025-06-12 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:qualitor:qualitor:8.24:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qualitor",
"vendor": "qualitor",
"versions": [
{
"status": "affected",
"version": "8.24"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-48359",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T20:44:35.597766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T20:45:40.498Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T16:34:54.344Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/OpenXP-Research/CVE-2024-48359"
},
{
"url": "https://www.qualitor.com.br/official-security-advisory-cve-2024-48359"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-48359",
"datePublished": "2024-10-31T00:00:00.000Z",
"dateReserved": "2024-10-08T00:00:00.000Z",
"dateUpdated": "2025-06-12T16:34:54.344Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-44849 (GCVE-0-2024-44849)
Vulnerability from cvelistv5
Published
2024-09-09 00:00
Modified
2025-06-12 16:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in checkAcesso.php.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:qualitor:qalitor:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qalitor",
"vendor": "qualitor",
"versions": [
{
"lessThanOrEqual": "8.24",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-44849",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T19:19:43.132083Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T19:28:24.017Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in checkAcesso.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T16:31:23.877Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/extencil/CVE-2024-44849?tab=readme-ov-file"
},
{
"url": "https://blog.extencil.me/information-security/cves/cve-2024-44849"
},
{
"url": "https://www.qualitor.com.br/official-security-advisory-cve-2024-44849"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-44849",
"datePublished": "2024-09-09T00:00:00.000Z",
"dateReserved": "2024-08-21T00:00:00.000Z",
"dateUpdated": "2025-06-12T16:31:23.877Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}