6 matches found
CVE-2025-26360
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to delete dashboards via crafted HTTP requests...
CVE-2025-26360
creationtimestamp| type| source ---|---|--- 2025-02-12 15:05:55+00:00| seen| https://infosec.exchange/users/cve/statuses/113991532860053925 2025-02-12 16:03:03+00:00| seen| https://t.me/cvedetector/17884...
CVE-2025-26360
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to delete dashboards via crafted HTTP requests...
CVE-2025-26360
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to delete dashboards via crafted HTTP requests...
CVE-2025-26360
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to delete dashboards via crafted HTTP requests...
CVE-2025-26360
CVE-2025-26360 describes a CWE-306 vulnerability: Missing Authentication for Critical Function in the Q-Free MaxTime product. The flaw resides in maxprofile/persistance/routes.lua and affects MaxTime versions less than or equal to 2.11.0, enabling an unauthenticated remote attacker to delete dash...