CVE-2023-48118

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
22/01/2024
Last modified:
20/06/2025

Description

SQL Injection vulnerability in Quest Analytics LLC IQCRM v.2023.9.5 allows a remote attacker to execute arbitrary code via a crafted request to the Common.svc WSDL page.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:quest-analytics:iqcrm:2023.9.5:*:*:*:*:*:*:*