Q

qdPM is a free project management tool

Settings | Report Duplicate

1

I Use This!

Activity Not Available

Security

Vulnerabilities per Version

Learn more about BDSAs

Major Versions

click and drag to zoom

Security Vulnerabilities for Version:

Severities:

Type

Identifier	Related Record	Severity	Date Published	Description	Versions Affected
CVE-2022-26180		Medium	Apr 08, 2022	qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/update URI.	9.2
BDSA-2021-3628		Medium	Dec 01, 2021	qdPM contains an information disclosure vulnerability. Successfully exploiting this can allow an unauthenticated attacker access to the password and co more...
BDSA-2020-3615		Low	Dec 02, 2020	qdPM is vulnerable to stored cross-site scripting (XSS). An attacker could exploit this to execute arbitrary JavaScript in the context of a user's brow more...
BDSA-2020-3607		Low	Dec 02, 2020	qdPM is vulnerable to a cross-site scripting (XSS) vulnerability. An attacker could use this to execute arbitrary JavaScript code in the context of a v more...