Every CVE whose affected-product data names Nchsoftware Quorum, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2021-37447 — CVSS 8.1 (high): In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. for file deletion.
CVE-2021-37445 — CVSS 6.5 (medium): In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading.
CVE-2021-37446 — CVSS 4.3 (medium): In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentprop?file=/.. for file reading.