Vulnerabilities > Globalradar

DATE CVE VULNERABILITY TITLE RISK
2020-06-22 CVE-2020-14946 Path Traversal vulnerability in Globalradar BSA Radar 1.6.7234.24750
downloadFile.ashx in the Administrator section of the Surveillance module in Global RADAR BSA Radar 1.6.7234.24750 and earlier allows users to download transaction files.
network
low complexity
globalradar CWE-22
4.3
2020-06-22 CVE-2020-14945 Unspecified vulnerability in Globalradar BSA Radar 1.6.7234.24750
A privilege escalation vulnerability exists within Global RADAR BSA Radar 1.6.7234.24750 and earlier that allows an authenticated, low-privileged user to escalate their privileges to administrator rights (i.e., the BankAdmin role) via modified SaveUser data.
network
low complexity
globalradar
8.8
2020-06-22 CVE-2020-14944 Missing Authorization vulnerability in Globalradar BSA Radar 1.6.7234.24750
Global RADAR BSA Radar 1.6.7234.24750 and earlier lacks valid authorization controls in multiple functions.
network
low complexity
globalradar CWE-862
critical
9.8
2020-06-22 CVE-2020-14943 Cross-site Scripting vulnerability in Globalradar BSA Radar 1.6.7234.24750
The Firstname and Lastname parameters in Global RADAR BSA Radar 1.6.7234.24750 and earlier are vulnerable to stored cross-site scripting (XSS) via Update User Profile.
network
low complexity
globalradar CWE-79
5.4