CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

QED ResourceXpress Qubi3 devices before 1.40.9 could allow a local attacker with physical access to the device to obtain sensitive information via the debug interface keystrokes over a USB cable, aka wireless password visibility...

4.6CVSS6.2AI score0.00041EPSS

Exploits0

RedhatCVE•added 2025/05/22 4:18 p.m.•3 views

CVE-2020-13877

SQL Injection issues in various ASPX pages of ResourceXpress Meeting Monitor 4.9 could lead to remote code execution and information disclosure...

9.8CVSS8.7AI score0.02153EPSS

Exploits0

RedhatCVE•added 2025/05/22 3:27 p.m.•4 views

CVE-2020-28898

In QED ResourceXpress through 4.9k, a large numeric or alphanumeric value submitted in specific URL parameters causes a server error in script execution due to insufficient input validation...

5.3CVSS7AI score0.00823EPSS

Exploits0

OSV•added 2021/04/15 7:15 p.m.•1 views

CVE-2020-28898

In QED ResourceXpress through 4.9k, a large numeric or alphanumeric value submitted in specific URL parameters causes a server error in script execution due to insufficient input validation...

5.3CVSS6.2AI score0.00823EPSS

Exploits0References1

NVD•added 2021/04/15 7:15 p.m.•7 views

CVE-2020-28898

In QED ResourceXpress through 4.9k, a large numeric or alphanumeric value submitted in specific URL parameters causes a server error in script execution due to insufficient input validation...

5.3CVSS0.00823EPSS

Exploits0References1

Prion•added 2021/04/15 7:15 p.m.•9 views

Input validation

In QED ResourceXpress through 4.9k, a large numeric or alphanumeric value submitted in specific URL parameters causes a server error in script execution due to insufficient input validation...

5CVSS5.4AI score0.00823EPSS

Exploits0References1Affected Software1

CVE•added 2021/04/15 6:3 p.m.•52 views

CVE-2020-28898

CVE-2020-28898 affects QED ResourceXpress up to version 4.9k, where submitting a large numeric or alphanumeric value in specific URL parameters triggers a server error during script execution due to insufficient input validation. This is the concrete technical detail available across multiple con...

5.3CVSS5.3AI score0.00823EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/04/15 6:3 p.m.•13 views

CVE-2020-28898

In QED ResourceXpress through 4.9k, a large numeric or alphanumeric value submitted in specific URL parameters causes a server error in script execution due to insufficient input validation...

5.4AI score0.00823EPSS

Exploits0References1

CNNVD•added 2021/04/15 12:0 a.m.•2 views

QED ResourceXpress 输入验证错误漏洞

QED ResourceXpress is an application from QED USA. a centralized application that helps you book meeting rooms, desks and cluttered spaces more efficiently. A security vulnerability exists in QED ResourceXpress version 4.9k and prior versions that stems from a server error during script execution...

5.3CVSS6AI score0.00823EPSS

Exploits0References2

CNVD•added 2020/11/23 12:0 a.m.•1 views

Resourcexpress Meeting Monitor SQL Injection Vulnerability

Resourcexpress Meeting Monitor is a meeting booking software from Resourcexpress UK. It centralizes the management of meeting room screens and desk booking equipment to support rational meeting booking. A SQL injection vulnerability exists in Resourcexpress Meeting Monitor version 4.9, which stem...

9.8CVSS8.8AI score0.02153EPSS

Exploits0References1

NVD•added 2020/11/17 2:15 p.m.•8 views

CVE-2020-25746

4.6CVSS4.4AI score0.00041EPSS

Exploits0References2

OSV•added 2020/11/17 2:15 p.m.•1 views

CVE-2020-25746

4.6CVSS5.8AI score0.00041EPSS

Exploits0References2

Prion•added 2020/11/17 2:15 p.m.•15 views

Default credentials

2.1CVSS4.5AI score0.00041EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/11/17 1:20 p.m.•15 views

CVE-2020-25746

4.4AI score0.00041EPSS

Exploits0References2

CVE•added 2020/11/17 1:20 p.m.•35 views

CVE-2020-25746

CVE-2020-25746 affects QED ResourceXpress Qubi3 devices before version 1.40.9. The issue allows a local attacker with physical access to the device to obtain sensitive information through the debug interface (USB keystrokes), effectively exposing wireless passwords and compromising confidentialit...

4.6CVSS4.4AI score0.00041EPSS

Exploits0References2Affected Software1

CNNVD•added 2020/11/17 12:0 a.m.•4 views

Resourcexpress Qubi3 Information Disclosure Vulnerability

Resourcexpress Qubi3 is a conference room booking device from Resourcexpress UK. A security vulnerability exists in QED ResourceXpress Qubi3 prior to version 1.40.9, which can be exploited by an attacker to obtain sensitive information through the debugging interface...

4.6CVSS5.8AI score0.00041EPSS

Exploits0References3

OSV•added 2020/11/12 9:15 p.m.•1 views

CVE-2020-13877

SQL Injection issues in various ASPX pages of ResourceXpress Meeting Monitor 4.9 could lead to remote code execution and information disclosure...

9.8CVSS7.9AI score

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by