CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-9958

CSRF within the admin panel in Quadbase EspressReport ES (ERES) v7.0 update 7 allows remote attackers to escalate privileges, or create new admin accounts by crafting a malicious web page that issues specific requests, using a target admin's session to process their requests.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.2%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

https://crawl3r.xyz/cve/cve-2019-9958/
https://crawl3r.xyz/cve/cve-2019-9958/

Products affected by CVE-2019-9958

Quadbase » Espressreport Enterprise Server » Version: 7.0

cpe:2.3:a:quadbase:espressreport_enterprise_server:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-9958

Products

Pricing

Contact Us