Lucene search
K

4 matches found

OSV
OSV
added 2025/07/31 6:15 p.m.5 views

CVE-2025-54834

OPEXUS FOIAXpress Public Access Link PAL version v11.1.0 allows an unauthenticated, remote attacker to query the /App/CreateRequest.aspx endpoint to check for the existence of valid usernames. There are no rate-limiting mechanisms in place...

6.9CVSS5.9AI score0.0049EPSS
Exploits0References3
NVD
NVD
added 2025/07/31 6:15 p.m.10 views

CVE-2025-54834

OPEXUS FOIAXpress Public Access Link PAL version v11.1.0 allows an unauthenticated, remote attacker to query the /App/CreateRequest.aspx endpoint to check for the existence of valid usernames. There are no rate-limiting mechanisms in place...

6.9CVSS0.0049EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/31 5:26 p.m.5 views

CVE-2025-54834 OPEXUS FOIAXpress Public Access Link (PAL) unauthenticated username enumeration

OPEXUS FOIAXpress Public Access Link PAL version v11.1.0 allows an unauthenticated, remote attacker to query the /App/CreateRequest.aspx endpoint to check for the existence of valid usernames. There are no rate-limiting mechanisms in place...

6.9CVSS6.6AI score0.0049EPSS
Exploits0References3
CVE
CVE
added 2025/07/31 5:26 p.m.24 views

CVE-2025-54834

CVE-2025-54834 affects OPEXUS FOIAXpress PAL v11.1.0. An unauthenticated attacker can query the /App/CreateRequest.aspx endpoint to enumerate valid usernames due to absent rate limiting. Impact is exposure of user existence; CVSS vectors cited in public records show network access with low to mod...

6.9CVSS6.6AI score0.0049EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder