Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/12/05 3:27 p.m.4 views

CVE-2025-65900

Kalmia CMS version 0.2.0 contains an Incorrect Access Control vulnerability in the /kal-api/auth/users API endpoint. Due to insufficient permission validation and excessive data exposure in the backend, an authenticated user with basic read permissions can retrieve sensitive information for all...

6.5CVSS6.4AI score0.00266EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/12/05 3:27 p.m.6 views

CVE-2025-65899

Kalmia CMS version 0.2.0 contains a user enumeration vulnerability in its authentication mechanism. The application returns different error messages for invalid users usernotfound versus valid users with incorrect passwords invalidpassword. This observable response discrepancy allows...

5.3CVSS7.1AI score0.00314EPSS
Exploits3References1
EUVD
EUVD
added 2025/12/05 12:31 a.m.6 views

EUVD-2025-201311

Kalmia CMS version 0.2.0 contains a user enumeration vulnerability in its authentication mechanism. The application returns different error messages for invalid users usernotfound versus valid users with incorrect passwords invalidpassword. This observable response discrepancy allows...

6.6AI score0.00314EPSS
Exploits3References3
NVD
NVD
added 2025/12/04 10:15 p.m.5 views

CVE-2025-65900

Kalmia CMS version 0.2.0 contains an Incorrect Access Control vulnerability in the /kal-api/auth/users API endpoint. Due to insufficient permission validation and excessive data exposure in the backend, an authenticated user with basic read permissions can retrieve sensitive information for all...

6.5CVSS0.00266EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2025/12/04 12:0 a.m.1 views

CVE-2025-65899

Kalmia CMS version 0.2.0 contains a user enumeration vulnerability in its authentication mechanism. The application returns different error messages for invalid users usernotfound versus valid users with incorrect passwords invalidpassword. This observable response discrepancy allows...

6.7AI score0.00314EPSS
Exploits3References2
Rows per page
Query Builder