SQL injection vulnerability in Vaales Technologies V_QRS v.2024-01-17 allows a remote malicious user to obtain sensitive information via the Models/UserModel.php component.