CVE-2025-64280

Critical CVSS: 9.8

A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inject SQL via the permit_no field.

Vendor

Product

CWE

Yayın Tarihi

2025-11-12 16:15:36

Güncelleme

2025-12-31 16:44:00

Source Identifier

cve@mitre.org

KEV Date Added

CWE-89 Community Development CRITICAL Centralsquare 2025

https://centralsquare.com https://machevalia.blog/blog/multiple-vulnerabilities-in-centralsquare-etrakit-and-ivr

Medium

CVE-2025-59491

Cross Site Scripting vulnerability in CentralSquare Community Development 19.5.7 via form fields.

Critical

CVE-2025-64281

An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to access the admin panel…

Critical

CVE-2025-29980

A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input validation, a remote un…