Vendor
Uni Yaz
Products
2
CVEs
3
Across products
3
Status
Private
Products
2- 2 CVEs
- 1 CVE
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-0857 | Cri | 0.64 | 9.8 | 0.00 | Jul 18, 2024 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Universal Software Inc. FlexWater Corporate Water Management allows SQL Injection. This issue affects FlexWater Corporate Water Management: before 5.452.0. | ||
| CVE-2026-1618 | Hig | 0.57 | 8.8 | 0.00 | Feb 13, 2026 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation. This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36. | ||
| CVE-2025-14349 | Hig | 0.57 | 8.8 | 0.00 | Feb 13, 2026 | Privilege Defined With Unsafe Actions, Missing Authentication for Critical Function vulnerability in Universal Software Inc. FlexCity/Kiosk allows Accessing Functionality Not Properly Constrained by ACLs, Privilege Escalation. This issue affects FlexCity/Kiosk: from 1.0 before… |
- risk 0.64cvss 9.8epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Universal Software Inc. FlexWater Corporate Water Management allows SQL Injection. This issue affects FlexWater Corporate Water Management: before 5.452.0.
- risk 0.57cvss 8.8epss 0.00
Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation. This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36.
- risk 0.57cvss 8.8epss 0.00
Privilege Defined With Unsafe Actions, Missing Authentication for Critical Function vulnerability in Universal Software Inc. FlexCity/Kiosk allows Accessing Functionality Not Properly Constrained by ACLs, Privilege Escalation. This issue affects FlexCity/Kiosk: from 1.0 before…