Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
quadbase vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-24982
An issue exists in Quadbase ExpressDashboard (EDAB) 7 Update 9. It allows CSRF. An attacker may be able to trick an authenticated user into changing the email address associated with their account.
Quadbase Espressdashboard 7.0
5.5
CVSSv2
CVE-2020-24985
An issue exists in Quadbase EspressReports ES 7 Update 9. An authenticated user is able to navigate to the MenuPage section of the application, and change the frmsrc parameter value to retrieve and execute external files or payloads.
Quadbase Espressdashboard 7.0
6.8
CVSSv2
CVE-2020-24983
An issue exists in Quadbase EspressReports ES 7 Update 9. An unauthenticated attacker can create a malicious HTML file that houses a POST request made to the DashboardBuilder within the target web application. This request will utilise the target admin session and perform the aut...
Quadbase Espressreports Es 7
6.8
CVSSv2
CVE-2020-24984
An issue exists in Quadbase EspressReports ES 7 Update 9. It allows CSRF, whereby an attacker may be able to trick an authenticated admin level user into uploading malicious files to the web server.
Quadbase Espressreports Es 7
3.5
CVSSv2
CVE-2019-9957
Stored XSS within Quadbase EspressReport ES (ERES) v7.0 update 7 allows remote malicious users to execute malicious JavaScript and inject arbitrary source code into the target pages. The XSS payload is stored by creating a new user account, and setting the username to an XSS payl...
Quadbase Espressreport Es 7.0
6.8
CVSSv2
CVE-2019-9958
CSRF within the admin panel in Quadbase EspressReport ES (ERES) v7.0 update 7 allows remote malicious users to escalate privileges, or create new admin accounts by crafting a malicious web page that issues specific requests, using a target admin's session to process their re...
Quadbase Espressreport Enterprise Server 7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started