Filtered by vendor Centralsquare
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-29980 | 1 Centralsquare | 1 Etrakit.net | 2025-09-23 | N/A | 9.8 CRITICAL |
| A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input validation, a remote unauthenticated attacker can run arbitrary commands as the current MS SQL server account. It is recommended that the CRM feature is turned off while on eTRAKiT.net release 3.2.1.77. eTRAKiT.Net is no longer supported, and users are recommended to migrate to the latest version of CentralSquare Community Development. | |||||
| CVE-2023-40362 | 1 Centralsquare | 1 Click2gov Building Permit | 2025-06-20 | N/A | 4.3 MEDIUM |
| An issue was discovered in CentralSquare Click2Gov Building Permit before October 2023. Lack of access control protections allows remote attackers to arbitrarily delete the contractors from any user's account when the user ID and contractor information is known. | |||||