Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.11 views

CVE-2025-15624

Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. In a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, Pro Cloud Server creates local passwords to the users and stores them in plaintext...

9.3CVSS5.5AI score0.0038EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/19 12:59 p.m.10 views

EUVD-2026-30931

Sparx Pro Cloud Server requires authentication based on requested URL. An attacker can omit the "model" query parameter and send the model name only in the binary blob in POST request allowing SQL query execution without authentication. The vendor was notified early about this vulnerability, but...

9.3CVSS6AI score0.00941EPSS
Exploits3References4
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.15 views

PT-2026-41895

Name of the Vulnerable Software and Affected Versions Sparx Pro Cloud Server versions 6.1 build 167 and earlier Description A race condition exists in the '/data api/dl internal artifact.php' endpoint. The application downloads object properties based on the guid parameter and saves the content i...

7.7CVSS6.2AI score0.00724EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.13 views

PT-2026-41892

Name of the Vulnerable Software and Affected Versions Sparx Pro Cloud Server versions 6.1 build 167 and earlier Description Broken Access Control exists in the communication with the database. Due to a lack of permission checks, a low privileged user can execute arbitrary SQL queries within the...

8.8CVSS6.1AI score0.00598EPSS
Exploits2References8
Vulnrichment
Vulnrichment
added 2026/04/17 8:38 a.m.5 views

CVE-2025-15624 Plaintext Storage of a Password in Sparx Pro Cloud Server.

Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. In a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, Pro Cloud Server creates local passwords to the users and stores them in plaintext...

9.3CVSS5.8AI score0.0038EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.8 views

PT-2026-33424

Name of the Vulnerable Software and Affected Versions Sparx Pro Cloud Server affected versions not specified Description An unauthenticated user can retrieve the database password in plaintext. This issue allows for the exposure of private personal information and sensitive system information to ...

9.3CVSS5.8AI score0.00261EPSS
Exploits0References6
Rows per page
Query Builder