Filtered by vendor Globalradar
Subscribe
Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-14946 | 1 Globalradar | 1 Bsa Radar | 2020-07-14 | 4.0 MEDIUM | 4.3 MEDIUM |
| downloadFile.ashx in the Administrator section of the Surveillance module in Global RADAR BSA Radar 1.6.7234.24750 and earlier allows users to download transaction files. When downloading the files, a user is able to view local files on the web server by manipulating the FileName and FilePath parameters in the URL, or while using a proxy. This vulnerability could be used to view local sensitive files or configuration files. | |||||
| CVE-2020-14943 | 1 Globalradar | 1 Bsa Radar | 2020-06-30 | 3.5 LOW | 5.4 MEDIUM |
| The Firstname and Lastname parameters in Global RADAR BSA Radar 1.6.7234.24750 and earlier are vulnerable to stored cross-site scripting (XSS) via Update User Profile. | |||||