← Back

Espressdashboard

espressdashboard

Vendor: Quadbase • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-24985
1Quadbase
1Espressdashboard
Jun 17, 2026
Mar 15, 2021
N/A· v4
8.1 HIGH· v3
5.5 MEDIUM· v2
An issue was discovered in Quadbase EspressReports ES 7 Update 9. An authenticated user is able to navigate to the MenuPage section of the application, and change the frmsrc parameter value to retrieve and execute extern...Show more
An issue was discovered in Quadbase EspressReports ES 7 Update 9. An authenticated user is able to navigate to the MenuPage section of the application, and change the frmsrc parameter value to retrieve and execute external files or payloads.Show less
CVE-2020-24982
1Quadbase
1Espressdashboard
Jun 17, 2026
Mar 15, 2021
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
An issue was discovered in Quadbase ExpressDashboard (EDAB) 7 Update 9. It allows CSRF. An attacker may be able to trick an authenticated user into changing the email address associated with their account.