Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:51 a.m.10 views

CVE-2013-6020

passwordRequestPOST.jsp in Tyler Technologies TaxWeb 3.13.3.1 sends different HTTP status codes for invalid password-recovery requests depending on whether the user account exists, which allows remote attackers to enumerate account names via a series of requests to the 1 Assessor, 2 Recorder, or ...

5.8CVSS6.5AI score0.01281EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/10/28 1:0 a.m.21 views

CVE-2013-6285

The search component in the Treasurer application in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to obtain sensitive query-structure information via an invalid search request, a different vulnerability than CVE-2013-6020...

6AI score0.01427EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/10/28 1:0 a.m.28 views

CVE-2013-6020

passwordRequestPOST.jsp in Tyler Technologies TaxWeb 3.13.3.1 sends different HTTP status codes for invalid password-recovery requests depending on whether the user account exists, which allows remote attackers to enumerate account names via a series of requests to the 1 Assessor, 2 Recorder, or ...

6.5AI score0.01281EPSS
Exploits0References1
CVE
CVE
added 2013/10/28 1:0 a.m.48 views

CVE-2013-6020

The issue (CVE-2013-6020) affects Tyler Technologies TaxWeb 3.13.3.1 and its Password Reset flow (passwordRequestPOST.jsp). The root cause is that invalid password-recovery requests return different HTTP status codes depending on whether the target user exists, enabling remote attackers to enumer...

5.8CVSS6.7AI score0.01281EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder