Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

20 matches found

RedhatCVE
RedhatCVEadded 2026/02/14 7:22 p.m.2 views

CVE-2026-1618

Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36...

8.8CVSS5.4AI score0.00038EPSS
Exploits0References1
NVD
NVDadded 2026/02/13 2:16 p.m.2 views

CVE-2026-1619

Authorization Bypass Through User-Controlled Key vulnerability in Universal Software Inc. FlexCity/Kiosk allows Exploitation of Trusted Identifiers.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36...

8.3CVSS0.00021EPSS
Exploits0References1
NVD
NVDadded 2026/02/13 2:16 p.m.2 views

CVE-2025-14349

Privilege Defined With Unsafe Actions, Missing Authentication for Critical Function vulnerability in Universal Software Inc. FlexCity/Kiosk allows Accessing Functionality Not Properly Constrained by ACLs, Privilege Escalation. This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36...

8.8CVSS0.00035EPSS
Exploits0References2
OSV
OSVadded 2026/02/13 2:16 p.m.0 views

CVE-2026-1618

Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36...

8.8CVSS5.8AI score0.00038EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/02/13 1:20 p.m.2 views

CVE-2026-1619

Authorization Bypass Through User-Controlled Key vulnerability in Universal Software Inc. FlexCity/Kiosk allows Exploitation of Trusted Identifiers.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36...

8.3CVSS5.4AI score0.00021EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/02/13 1:20 p.m.1 views

CVE-2026-1619 IDOR in Universal Sotware's FlexCity/Kiosk

Authorization Bypass Through User-Controlled Key vulnerability in Universal Software Inc. FlexCity/Kiosk allows Exploitation of Trusted Identifiers.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36...

8.3CVSS5.4AI score0.00021EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/02/13 1:14 p.m.2 views

CVE-2026-1618 Admin Account Takeover in Universal Sotware's FlexCity/Kiosk

Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36...

8.8CVSS5.4AI score0.00038EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/02/13 1:14 p.m.4 views

CVE-2026-1618

Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36...

8.8CVSS5.4AI score0.00038EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2026/02/13 1:9 p.m.9 views

CVE-2025-14349

CVE-2025-14349 affects Universal Software Inc. FlexCity/Kiosk prior to version 1.0.36. The issue is described as a privilege escalation caused by privileges defined with unsafe actions and missing authentication for a critical function, allowing access to functionality not properly constrained by...

8.8CVSS5.4AI score0.00035EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/02/13 1:9 p.m.2 views

CVE-2025-14349

Privilege Defined With Unsafe Actions, Missing Authentication for Critical Function vulnerability in Universal Software Inc. FlexCity/Kiosk allows Accessing Functionality Not Properly Constrained by ACLs, Privilege Escalation. This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36...

8.8CVSS5.8AI score0.00035EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2026/02/13 1:9 p.m.24 views

CVE-2025-14349 Business Logic Error in Universal Software's FlexCity/Kiosk

Privilege Defined With Unsafe Actions, Missing Authentication for Critical Function vulnerability in Universal Software Inc. FlexCity/Kiosk allows Accessing Functionality Not Properly Constrained by ACLs, Privilege Escalation. This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36...

8.8CVSS0.00035EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/02/13 12:0 a.m.3 views

PT-2026-7989

Name of the Vulnerable Software and Affected Versions Universal Software Inc. FlexCity/Kiosk versions prior to 1.0.36 Description An authentication bypass issue exists in Universal Software Inc. FlexCity/Kiosk, potentially allowing privilege escalation. The issue involves using an alternate path ...

8.8CVSS5.4AI score0.00038EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/02/13 12:0 a.m.3 views

PT-2026-7990

Name of the Vulnerable Software and Affected Versions Universal Software Inc. FlexCity/Kiosk versions prior to 1.0.36 Description An authorization bypass exists in FlexCity/Kiosk due to exploitation of trusted identifiers through a user-controlled key. This allows unauthorized access...

8.3CVSS5.4AI score0.00021EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-16640

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00122EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/02/04 11:0 p.m.5 views

CVE-2024-0857

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Universal Software Inc. FlexWater Corporate Water Management allows SQL Injection. This issue affects FlexWater Corporate Water Management: before 5.452.0...

9.8CVSS5.8AI score0.00122EPSS
Exploits0References1
OSV
OSVadded 2024/07/18 6:15 p.m.0 views

CVE-2024-0857

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Universal Software Inc. FlexWater Corporate Water Management allows SQL Injection.This issue affects FlexWater Corporate Water Management: before 5.452.0...

9.8CVSS5.8AI score
Exploits0References1
NVD
NVDadded 2024/07/18 6:15 p.m.16 views

CVE-2024-0857

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Universal Software Inc. FlexWater Corporate Water Management allows SQL Injection. This issue affects FlexWater Corporate Water Management: before 5.452.0...

9.8CVSS0.00122EPSS
Exploits0References2
CVE
CVEadded 2024/07/18 5:32 p.m.26 views

CVE-2024-0857

CVE-2024-0857 concerns an SQL Injection in FlexWater Corporate Water Management from Universal Software Inc. The PT-2024-15870 entry specifies the vulnerable line as versions prior to 5.452.0, with remediation to upgrade to 5.452.0 or later and a temporary measure to restrict access to sensitive ...

9.8CVSS5.8AI score0.00122EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2024/07/18 5:32 p.m.22 views

CVE-2024-0857 SQLi in Universal Software's FlexWater Corporate Water Management

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Universal Software Inc. FlexWater Corporate Water Management allows SQL Injection. This issue affects FlexWater Corporate Water Management: before 5.452.0...

9.8CVSS0.00122EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/07/18 5:32 p.m.17 views

CVE-2024-0857 SQLi in Universal Software's FlexWater Corporate Water Management

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Universal Software Inc. FlexWater Corporate Water Management allows SQL Injection. This issue affects FlexWater Corporate Water Management: before 5.452.0...

9.8CVSS5.8AI score0.00122EPSS
Exploits0References2
Rows per page
Query Builder