VYPR
Vendor

CentralSquare

Products
4
CVEs
5
Across products
5
Status
Private

Products

4

Recent CVEs

5
  • CVE-2024-45241HigAug 26, 2024
    risk 0.50cvss 7.5epss 0.14

    A traversal vulnerability in GeneralDocs.aspx in CentralSquare CryWolf (False Alarm Management) through 2024-08-09 allows unauthenticated attackers to read files outside of the working web directory via the rpt parameter, leading to the disclosure of sensitive information.

  • CVE-2023-40362MedJan 12, 2024
    risk 0.28cvss 4.3epss 0.01

    An issue was discovered in CentralSquare Click2Gov Building Permit before October 2023. Lack of access control protections allows remote attackers to arbitrarily delete the contractors from any user's account when the user ID and contractor information is known.

  • CVE-2025-59491Nov 12, 2025
    risk 0.00cvss epss 0.00

    Cross Site Scripting vulnerability in CentralSquare Community Development 19.5.7 via form fields.

  • CVE-2025-64280Nov 12, 2025
    risk 0.00cvss epss 0.00

    A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inject SQL via the permit_no field.

  • CVE-2025-64281Nov 12, 2025
    risk 0.00cvss epss 0.00

    An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to access the admin panel without admin credentials.