2026-02-06 23:14:11
VulnCheck
PUBLISHED
QuickDate 1.3.2 contains a SQL injection vulnerability that allows remote attackers to manipulate database queries through the _located parameter in the find_matches endpoint. Attackers can inject UNION-based SQL statements to extract database information including user credentials, database name, and system version.