Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/14 3:6 p.m.6 views

CVE-2025-26360

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to delete dashboards via crafted HTTP requests...

5.3CVSS7.1AI score0.0045EPSS
Exploits0References1
Circl
Circl
added 2025/02/12 3:5 p.m.7 views

CVE-2025-26360

creationtimestamp| type| source ---|---|--- 2025-02-12 15:05:55+00:00| seen| https://infosec.exchange/users/cve/statuses/113991532860053925 2025-02-12 16:03:03+00:00| seen| https://t.me/cvedetector/17884...

5.3CVSS5.8AI score0.0045EPSS
Exploits0References2
OSV
OSV
added 2025/02/12 2:15 p.m.5 views

CVE-2025-26360

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to delete dashboards via crafted HTTP requests...

5.3CVSS5.8AI score0.0045EPSS
Exploits0References1
NVD
NVD
added 2025/02/12 2:15 p.m.18 views

CVE-2025-26360

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to delete dashboards via crafted HTTP requests...

5.3CVSS0.0045EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/12 1:29 p.m.12 views

CVE-2025-26360

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to delete dashboards via crafted HTTP requests...

5.3CVSS0.0045EPSS
Exploits0References1
CVE
CVE
added 2025/02/12 1:29 p.m.61 views

CVE-2025-26360

CVE-2025-26360 describes a CWE-306 vulnerability: Missing Authentication for Critical Function in the Q-Free MaxTime product. The flaw resides in maxprofile/persistance/routes.lua and affects MaxTime versions less than or equal to 2.11.0, enabling an unauthenticated remote attacker to delete dash...

5.3CVSS5.5AI score0.0045EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder