Lucene search
K

10 matches found

CVE
CVE
added 4 hours ago5 views

CVE-2026-57871

CVE-2026-57871 describes a relative path traversal vulnerability in MicroRealEstate’s file upload functionality that could potentially overwrite system files. Affected software: MicroRealEstate up to version 1.0.0-alpha3 . Root cause: relative path traversal in the file upload process. Impact: po...

7.1CVSS6AI score
Exploits0References2
EUVD
EUVD
added 4 hours ago6 views

EUVD-2026-42008

Relative path traversal vulnerability in MicroRealEstate file upload functionality allows attackers to potentially overwrite system files. This issue affects MicroRealEstate: through 1.0.0-alpha3...

7.1CVSS6AI score
Exploits0References2
CVE
CVE
added 4 hours ago5 views

CVE-2026-57870

CVE-2026-57870 describes a broken object-level access control flaw in MicroRealEstate’s Template API (up to version 1.0.0-alpha3). The underlying issue allows an attacker to retrieve document templates used by other organizations without authorization. Affected software is MicroRealEstate, with t...

5.3CVSS6AI score
Exploits0References2
EUVD
EUVD
added 4 hours ago4 views

EUVD-2026-42006

Broken object-level access control on the Template API in MicroRealEstate allows attackers to retrieve document templates used by other organizations without authorization. This issue affects MicroRealEstate: through 1.0.0-alpha3...

5.3CVSS6AI score
Exploits0References2
CVE
CVE
added 4 hours ago5 views

CVE-2026-57869

CVE-2026-57869 affects MicroRealEstate up to version 1.0.0-alpha3. The vulnerability stems from broken object-level access controls and a deterministic pattern used in random ID generation, enabling attackers to access documents uploaded by landlords or tenants without authorization. The availabl...

7.1CVSS6AI score
Exploits0References2
EUVD
EUVD
added 4 hours ago4 views

EUVD-2026-42005

Broken object-level access controls and the use of a deterministic pattern during random ID generation in MicroRealEstate allows attackers to access documents uploaded by landlords or tenants without authorization. This issue affects MicroRealEstate: through 1.0.0-alpha3...

7.1CVSS6AI score
Exploits0References2
CVE
CVE
added 4 hours ago4 views

CVE-2026-57868

CVE-2026-57868 affects MicroRealEstate up to version 1.0.0-alpha3, involving broken object-level access controls in the PDF generator functionality. The affected component is the PDF generation feature within MicroRealEstate; the root cause is described as object-level access control failure. The...

7.1CVSS5.9AI score
Exploits0References2
EUVD
EUVD
added 4 hours ago3 views

EUVD-2026-42004

MicroRealEstate is affected by broken object-level access controls in PDF generator functionality. This issue affects MicroRealEstate: through 1.0.0-alpha3...

7.1CVSS5.9AI score
Exploits0References2
CVE
CVE
added 4 hours ago5 views

CVE-2026-57867

CVE-2026-57867 affects MicroRealEstate before or up to 1.0.0-alpha3, due to a lack of token state management that enables adversaries to bypass authentication and brute‑force One‑Time Passwords (OTP) to log in as any user. The root cause is insufficient token state handling, leading to an auth by...

8.8CVSS6AI score
Exploits0References2
EUVD
EUVD
added 4 hours ago3 views

EUVD-2026-42003

MicroRealEstate allows adversaries to bypass authentication due to a lack of token state management. This would permit adversaries targeting MicroRealEstate deployments to brute-force One-Time Passwords OTP to log in as any user. This issue affects MicroRealEstate: through 1.0.0-alpha3...

8.8CVSS6AI score
Exploits0References2
Rows per page
Query Builder