VYPR

Central Authentication Service

by Apereo

CVEs (2)

  • CVE-2025-12266MedOct 27, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was detected in Zytec Dalian Zhuoyun Technology Central Authentication Service up to 20251009. This vulnerability affects the function _empty of the file /index.php/auth/widget. Performing manipulation of the argument get.layer/get.widget/get.action results in…

  • CVE-2015-1169Feb 10, 2015
    risk 0.00cvss epss 0.03

    Apereo Central Authentication Service (CAS) Server before 3.5.3 allows remote attackers to conduct LDAP injection attacks via a crafted username, as demonstrated by using a wildcard and a valid password to bypass LDAP authentication.