Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Quadbase Subscribe
Filtered by product Espressdashboard
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-24985 1 Quadbase 1 Espressdashboard 2022-07-12 5.5 MEDIUM 8.1 HIGH
An issue was discovered in Quadbase EspressReports ES 7 Update 9. An authenticated user is able to navigate to the MenuPage section of the application, and change the frmsrc parameter value to retrieve and execute external files or payloads.
CVE-2020-24982 1 Quadbase 1 Espressdashboard 2021-05-21 4.3 MEDIUM 4.3 MEDIUM
An issue was discovered in Quadbase ExpressDashboard (EDAB) 7 Update 9. It allows CSRF. An attacker may be able to trick an authenticated user into changing the email address associated with their account.