High severity8.8NVD Advisory· Published Jun 24, 2019· Updated Jun 17, 2026
CVE-2019-9958
CVE-2019-9958
Description
CSRF within the admin panel in Quadbase EspressReport ES (ERES) v7.0 update 7 allows remote attackers to escalate privileges, or create new admin accounts by crafting a malicious web page that issues specific requests, using a target admin's session to process their requests.
Affected products
2- Quadbase/EspressReport ESdescription
- Range: 7.0 update 7
Patches
Vulnerability mechanics
References
1- crawl3r.xyz/cve/cve-2019-9958/nvdExploitThird Party AdvisoryURL Repurposed
News mentions
0No linked articles in our index yet.