31 matches found
CVE-2025-60946 Census CSWeb path traversal
Census CSWeb 8.0.1 allows arbitrary file path input. A remote, authenticated attacker could access unintended file directories. Fixed in 8.1.0 alpha...
CVE-2025-60946
Census CSWeb 8.0.1 allows arbitrary file path input. A remote, authenticated attacker could access unintended file directories. Fixed in 8.1.0 alpha...
PT-2026-27209
Census CSWeb 8.0.1 allows arbitrary file path input. A remote, authenticated attacker could access unintended file directories. Fixed in 8.1.0 alpha...
PT-2026-27212
Name of the Vulnerable Software and Affected Versions Census CSWeb versions prior to 8.1.0 alpha Description The software allows the app/config directory to be accessed via HTTP in certain setups. An unauthenticated remote attacker can request configuration files and potentially obtain sensitive...
PT-2026-27210
Census CSWeb 8.0.1 allows arbitrary file upload. A remote, authenticated attacker could upload a malicious file, possibly leading to remote code execution. Fixed in 8.1.0 alpha...
PT-2026-27211
Census CSWeb 8.0.1 allows stored cross-site scripting in user supplied fields. A remote, authenticated attacker could store malicious javascript that executes in a victim's browser. Fixed in 8.1.0 alpha...
CSPro Users CSWeb 安全漏洞
CSPro Users CSWeb is a web application developed by CSPro Users Inc. It allows users to securely transfer cases or files between client devices and web servers. Version 8.0.1 of CSPro Users CSWeb contains a security vulnerability. This vulnerability stems from the use of a storage-type cross-site...
CSPro Users CSWeb 安全漏洞
CSPro Users CSWeb is a web application developed by CSPro Users Inc. It allows users to securely transfer cases or files between client devices and web servers. Version 8.0.1 of CSPro Users CSWeb contains a security vulnerability that stems from allowing arbitrary file path inputs. This...
CSPro Users CSWeb 安全漏洞
CSPro Users CSWeb is a web application developed by CSPro Users Inc. It allows users to securely transfer cases or files between client devices and web servers. Version 8.0.1 of CSPro Users CSWeb contains a security vulnerability. This vulnerability stems from the ability to access app/config via...
CSPro Users CSWeb 安全漏洞
CSPro Users CSWeb is a web application developed by CSPro Users Inc. It allows users to securely transfer cases or files between client devices and web servers. Version 8.0.1 of CSPro Users CSWeb contains a security vulnerability. This vulnerability stems from allowing arbitrary file uploads, whi...
Census CSWeb multiple vulnerabilities
RISK EVALUATION Census CSWeb allows a remote, authenticated attacker to perform actions such as path traversal, arbitrary file upload and stored XSS. An unauthenticated attacker could also send requests to configuration files in some deployments. 2. RECOMMENDED PRACTICES Update to 8.1.0 alpha...