Filtered by vendor Opexustech
Subscriptions
Filtered by product Foiaxpress Public Access Link
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-54834 | 1 Opexustech | 1 Foiaxpress Public Access Link | 2026-01-23 | 5.3 Medium |
| OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows an unauthenticated, remote attacker to query the /App/CreateRequest.aspx endpoint to check for the existence of valid usernames. There are no rate-limiting mechanisms in place. | ||||
| CVE-2025-54833 | 1 Opexustech | 1 Foiaxpress Public Access Link | 2026-01-23 | 5.3 Medium |
| OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows attackers to bypass account-lockout and CAPTCHA protections. Unauthenticated remote attackers can more easily brute force passwords. | ||||
| CVE-2025-54832 | 1 Opexustech | 1 Foiaxpress Public Access Link | 2026-01-23 | 4.3 Medium |
| OPEXUS FOIAXpress Public Access Link (PAL), version v11.1.0, allows an authenticated user to add entries to the list of states and territories. | ||||
| CVE-2024-53553 | 1 Opexustech | 1 Foiaxpress Public Access Link | 2025-10-29 | 9.1 Critical |
| An issue in OPEXUS FOIAXPRESS PUBLIC ACCESS LINK v11.1.0 allows attackers to bypass authentication via crafted web requests. | ||||
| CVE-2025-58462 | 2 Opexus, Opexustech | 2 Foiaxpress Pal, Foiaxpress Public Access Link | 2025-09-26 | 9.8 Critical |
| OPEXUS FOIAXpress Public Access Link (PAL) before version 11.13.1.0 allows SQL injection via SearchPopularDocs.aspx. A remote, unauthenticated attacker could read, write, or delete any content in the underlying database. | ||||
Page 1 of 1.