Lucene search
+L

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:51 a.m.11 views

CVE-2013-6020

passwordRequestPOST.jsp in Tyler Technologies TaxWeb 3.13.3.1 sends different HTTP status codes for invalid password-recovery requests depending on whether the user account exists, which allows remote attackers to enumerate account names via a series of requests to the 1 Assessor, 2 Recorder, or ...

5.8CVSS6.5AI score0.01281EPSS
Exploits0References1
NVD
NVD
added 2013/10/28 3:42 a.m.14 views

CVE-2013-6018

Cross-site request forgery CSRF vulnerability in login.jsp in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to hijack the authentication of arbitrary users for requests that change a password...

6.8CVSS7.2AI score0.00619EPSS
Exploits0References1
NVD
NVD
added 2013/10/28 3:42 a.m.17 views

CVE-2013-6019

Cross-site scripting XSS vulnerability in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to inject arbitrary web script or HTML via the accountNum parameter to an unspecified component...

4.3CVSS5.7AI score0.01012EPSS
Exploits0References1
Prion
Prion
added 2013/10/28 3:42 a.m.16 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in login.jsp in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to hijack the authentication of arbitrary users for requests that change a password...

6.8CVSS7.7AI score0.00619EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2013/10/28 1:0 a.m.41 views

CVE-2013-6018

CVE-2013-6018 describes a cross-site request forgery (CSRF) vulnerability in Tyler Technologies’ TaxWeb 3.13.3.1, specifically affecting the login.jsp page. The issue allows a remote attacker to hijack the authentication of arbitrary users by inducing them to perform a password-changing action, i...

6.8CVSS7.4AI score0.00619EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2013/10/28 1:0 a.m.51 views

CVE-2013-6285

The vulnerability CVE-2013-6285 affects the Treasurer application’s search component in Tyler Technologies TaxWeb 3.13.3.1. It allows remote attackers to obtain sensitive query-structure information by sending an invalid search request. This is described as a separate issue from CVE-2013-6020. Th...

5CVSS6.3AI score0.01427EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/10/28 1:0 a.m.24 views

CVE-2013-6019

Cross-site scripting XSS vulnerability in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to inject arbitrary web script or HTML via the accountNum parameter to an unspecified component...

5.7AI score0.01012EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/10/28 1:0 a.m.30 views

CVE-2013-6020

passwordRequestPOST.jsp in Tyler Technologies TaxWeb 3.13.3.1 sends different HTTP status codes for invalid password-recovery requests depending on whether the user account exists, which allows remote attackers to enumerate account names via a series of requests to the 1 Assessor, 2 Recorder, or ...

6.5AI score0.01281EPSS
Exploits0References1
Rows per page
Query Builder