Filtered by vendor Centralsquare
Subscribe
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-64280 | 1 Centralsquare | 1 Community Development | 2025-12-31 | N/A | 9.8 CRITICAL |
| A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inject SQL via the permit_no field. | |||||
| CVE-2025-64281 | 1 Centralsquare | 1 Community Development | 2025-12-31 | N/A | 9.8 CRITICAL |
| An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to access the admin panel without admin credentials. | |||||
| CVE-2025-59491 | 1 Centralsquare | 1 Community Development | 2025-12-31 | N/A | 6.1 MEDIUM |
| Cross Site Scripting vulnerability in CentralSquare Community Development 19.5.7 via form fields. | |||||
| CVE-2025-29980 | 1 Centralsquare | 1 Etrakit.net | 2025-09-23 | N/A | 9.8 CRITICAL |
| A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input validation, a remote unauthenticated attacker can run arbitrary commands as the current MS SQL server account. It is recommended that the CRM feature is turned off while on eTRAKiT.net release 3.2.1.77. eTRAKiT.Net is no longer supported, and users are recommended to migrate to the latest version of CentralSquare Community Development. | |||||
| CVE-2023-40362 | 1 Centralsquare | 1 Click2gov Building Permit | 2025-06-20 | N/A | 4.3 MEDIUM |
| An issue was discovered in CentralSquare Click2Gov Building Permit before October 2023. Lack of access control protections allows remote attackers to arbitrarily delete the contractors from any user's account when the user ID and contractor information is known. | |||||