Cadclick Security Vulnerabilities and Issues — Cadclick CVE List

Lucene search

4paceCadclick

7 matches found

CVE•added 2024/10/04 6:15 p.m.•40 views

CVE-2024-41515

A reflected cross-site scripting (XSS) vulnerability in "ccHandlerResource.ashx" in CADClick

5.4CVSS5.5AI score0.00074EPSS

CVE•added 2024/10/04 6:15 p.m.•39 views

CVE-2024-41512

A SQL Injection vulnerability in "ccHandler.aspx" in all versions of CADClick v.1.11.0 and before allows remote attackers to execute arbitrary SQL commands via the "bomid" parameter.

8.8CVSS9.2AI score0.00348EPSS

CVE•added 2024/10/04 6:15 p.m.•37 views

CVE-2024-41511

A Path Traversal (Local File Inclusion) vulnerability in "BinaryFileRedirector.ashx" in CADClick v1.11.0 and before allows remote attackers to retrieve arbitrary local files via the "path" parameter.

3.9CVSS7.2AI score0.00037EPSS

CVE•added 2024/10/04 6:15 p.m.•37 views

CVE-2024-41513

A reflected cross-site scripting (XSS) vulnerability in "Artikel.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "searchindex" parameter.

5.4CVSS5.9AI score0.00074EPSS

CVE•added 2024/10/04 6:15 p.m.•35 views

CVE-2024-41514

A reflected cross-site scripting (XSS) vulnerability in "PrevPgGroup.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "wer" parameter.

5.4CVSS5.5AI score0.00074EPSS

CVE•added 2024/10/04 6:15 p.m.•33 views

CVE-2024-41516

A Reflected cross-site scripting (XSS) vulnerability in "ccHandler.aspx" CADClick

5.4CVSS5.5AI score0.00074EPSS

CVE•added 2025/06/25 4:15 p.m.•6 views

CVE-2025-25905

Cross-Site Scripting (XSS) vulnerability in CADClick v1.13.0 and before allows remote attackers to inject arbitrary web script or HTML via the "tree" parameter.

7.1CVSS5.8AI score0.00055EPSS