CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Qdpm: >> Qdpm >> 9.1 Security Vulnerabilities

CVE-2019-8390

qdPM 9.1 suffers from Cross-site Scripting (XSS) in the search[keywords] parameter.

CVSS Score

6.1

EPSS Score

0.019

Published

2019-05-14

CVE-2015-3884

Unrestricted file upload vulnerability in the (1) myAccount, (2) projects, (3) tasks, (4) tickets, (5) discussions, (6) reports, and (7) scheduler pages in qdPM 8.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/attachments/ or uploads/users/.

CVSS Score

8.8

EPSS Score

0.729

Published

2017-03-17

Page 2

Vulnerabilities

Vulnerable Software

Qdpm: >> Qdpm >> 9.1 Security Vulnerabilities

Products

Pricing

Contact Us