Filtered by vendor Quadbase Subscriptions
Filtered by product Espressdashboard Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-24985 1 Quadbase 1 Espressdashboard 2024-11-21 8.1 High
An issue was discovered in Quadbase EspressReports ES 7 Update 9. An authenticated user is able to navigate to the MenuPage section of the application, and change the frmsrc parameter value to retrieve and execute external files or payloads.
CVE-2020-24982 1 Quadbase 1 Espressdashboard 2024-11-21 4.3 Medium
An issue was discovered in Quadbase ExpressDashboard (EDAB) 7 Update 9. It allows CSRF. An attacker may be able to trick an authenticated user into changing the email address associated with their account.