SQL Injection issues in various ASPX pages of ResourceXpress Meeting Monitor 4.9 could lead to remote code execution and information disclosure.
9.8CVSS
9.6AI Score
0.002EPSS
QED ResourceXpress Qubi3 devices before 1.40.9 could allow a local attacker (with physical access to the device) to obtain sensitive information via the debug interface (keystrokes over a USB cable), aka wireless password visibility.
4.6CVSS
4.4AI Score
0.001EPSS
In QED ResourceXpress through 4.9k, a large numeric or alphanumeric value submitted in specific URL parameters causes a server error in script execution due to insufficient input validation.
5.3CVSS
5.3AI Score
0.001EPSS