Affected Products

Vendor / product matrix with CVE counts sourced from the CPE catalog.

Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
centralsquare
35029.7%CRITICAL

Related CVEs

5
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-59491Cross Site Scripting vulnerability in CentralSquare Community Development 19.5.7 via form fields.MEDIUM6.16.7%Nov 12, 2025
CVE-2025-64281An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to access the admin panel without admin credentials.CRITICAL9.832.1%Nov 12, 2025
CVE-2025-64280A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inject SQL via the permit_no field.CRITICAL9.821.9%Nov 12, 2025
CVE-2025-29980A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input validation, a remote unauthenticated attacker can run arbitrary commands as the current MS SQL server account. It is recommended that the CRM feature is turned off while on eTRAKiT.net release 3.2.1.77. eTRAKiT.Net is no longer supported, and users are recommended to migrate to the latest version of CentralSquare Community Development.CRITICAL9.340.7%Mar 20, 2025
CVE-2023-40362An issue was discovered in CentralSquare Click2Gov Building Permit before October 2023. Lack of access control protections allows remote attackers to arbitrarily delete the contractors from any user's account when the user ID and contractor information is known.MEDIUM4.347.2%Jan 12, 2024