CVE-2026-1473 - Out-of-band SQL injection in Quatuor Performance Evaluation

CVE ID : CVE-2026-1473 Published : Jan. 27, 2026, 5:16 p.m. | 49 minutes ago Description : An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance Evaluation (EDD) application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Id_usuario’ in '/evaluacion_competencias_evalua.aspx', could allow an attacker to extract sensitive information from the database through external channels, without the affected application returning the data directly, compromising the confidentiality of the stored information. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...