Known exploited
BQE
CVE published 2021-11-03
CVE-2021-42258
CVE-2021-42258 is a SQL injection vulnerability in BQE BillQuick Web Suite. CISA added it to the Known Exploited Vulnerabilities catalog on 2021-11-03 and flagged it as having known ransomware campaign use, which raises the defensive urgency. The supplied source material directs defenders to apply vendor updates per vendor instructions.