142 matches found
CVE-2024-54124
Affected software: Click Studios Passwordstate prior to build 9920. Issue: potential permission escalation on the edit folder screen due to a root cause described in CVE-2024-54124. Impact: high (CVSS 3.1 base score 8.8) with full confidentiality, integrity, and availability impact; attack vector...
CVE-2024-54124
In Click Studios Passwordstate before build 9920, there is a potential permission escalation on the edit folder screen...
CVE-2024-39337
Click Studios Passwordstate Core before 9.8 build 9858 allows Authentication Bypass...
CVE-2024-39337
CVE-2024-39337 affects Click Studios Passwordstate Core prior to 9.8 build 9858, where an authentication bypass is possible. The vulnerability allows bypassing authentication via network access with no user interaction required; CVSS v3.1 base score 6.5 (Confidentiality/Integrity impact: Low). Re...
PT-2024-28455
Name of the Vulnerable Software and Affected Versions: Click Studios Passwordstate Core versions prior to 9.8 build 9858 Description: The issue allows for authentication bypass. Recommendations: For versions prior to 9.8 build 9858, update to version 9.8 build 9858 or later to resolve the issue...
CVE-2024-39337
Click Studios Passwordstate Core before 9.8 build 9858 allows Authentication Bypass...
CVE-2024-39337
Click Studios Passwordstate Core before 9.8 build 9858 allows Authentication Bypass...
Click Studios Passwordstate Security Breach
Click Studios Passwordstate passwordstate is a password management software from the Click Studios team in Australia. The program provides users with the ability to save their passwords, record their accounts and passwords, and keep them safe. Click Studios Passwordstate Core is a password...
CVE-2023-47801
An issue was discovered in Click Studios Passwordstate before 9811. Existing users Security Administrators could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password...
CVE-2023-47801
An issue was discovered in Click Studios Passwordstate before 9811. Existing users Security Administrators could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password...
CVE-2023-47801
An issue was discovered in Click Studios Passwordstate before 9811. Existing users Security Administrators could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password...
Default credentials
An issue was discovered in Click Studios Passwordstate before 9811. Existing users Security Administrators could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password...
CVE-2023-47801
An issue was discovered in Click Studios Passwordstate before 9811. Existing users Security Administrators could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password...
Click Studios Passwordstate Security Breach
Click Studios Passwordstate passwordstate is a password management software from the Click Studios team in Australia. The program provides users with the ability to save their passwords, record their accounts and passwords, and keep them safe. This program provides you with the ability to save yo...
CVE-2023-47801
CVE-2023-47801 affects Click Studios Passwordstate prior to 9811. The issue allows existing Security Administrators to misuse the System Wide API Key (when used with the PasswordHistory endpoint) to read or delete private password records, and to misuse the Copy/Move Password Record API Key to co...
CVE-2023-47801
An issue was discovered in Click Studios Passwordstate before 9811. Existing users Security Administrators could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password...
CVE-2023-43295
Cross Site Request Forgery vulnerability in Click Studios SA Pty Ltd Passwordstate v.Build 9785 and before allows a local attacker to execute arbitrary code via a crafted request...
CVE-2023-43295
Cross Site Request Forgery vulnerability in Click Studios SA Pty Ltd Passwordstate v.Build 9785 and before allows a local attacker to execute arbitrary code via a crafted request...
CVE-2023-43295
Cross Site Request Forgery vulnerability in Click Studios SA Pty Ltd Passwordstate v.Build 9785 and before allows a local attacker to execute arbitrary code via a crafted request...
Cross site request forgery (csrf)
Cross Site Request Forgery vulnerability in Click Studios SA Pty Ltd Passwordstate v.Build 9785 and before allows a local attacker to execute arbitrary code via a crafted request...