Show filters
12 Total Results
Displaying 1-10 of 12
Sort by:
Attacker Value
Unknown
CVE-2023-6375
Disclosure Date: November 30, 2023 (last updated December 07, 2023)
Tyler Technologies Court Case Management Plus may store backups in a location that can be accessed by a remote, unauthenticated attacker. Backups may contain sensitive information such as database credentials.
0
Attacker Value
Unknown
CVE-2023-6354
Disclosure Date: November 30, 2023 (last updated December 07, 2023)
Tyler Technologies Magistrate Court Case Management Plus allows an unauthenticated, remote attacker to upload, delete, and view files by manipulating the PDFViewer.aspx 'filename' parameter.
0
Attacker Value
Unknown
CVE-2023-6353
Disclosure Date: November 30, 2023 (last updated December 07, 2023)
Tyler Technologies Civil and Criminal Electronic Filing allows an unauthenticated, remote attacker to upload, delete, and view files by manipulating the Upload.aspx 'enky' parameter.
0
Attacker Value
Unknown
CVE-2023-6344
Disclosure Date: November 30, 2023 (last updated December 07, 2023)
Tyler Technologies Court Case Management Plus allows a remote, unauthenticated attacker to enumerate directories using the tiffserver/te003.aspx or te004.aspx 'ifolder' parameter. This behavior is related to the use of a deprecated version of Aquaforest TIFF Server, possibly 2.x. The vulnerable Aquaforest TIFF Server feature was removed on or around 2023-11-01. Insecure configuration issues in Aquaforest TIFF Server are identified separately as CVE-2023-6352. CVE-2023-6343 is related to or partially caused by CVE-2023-6352.
0
Attacker Value
Unknown
CVE-2023-6343
Disclosure Date: November 30, 2023 (last updated December 07, 2023)
Tyler Technologies Court Case Management Plus allows a remote, unauthenticated attacker to enumerate and access sensitive files using the tiffserver/tssp.aspx 'FN' and 'PN' parameters. This behavior is related to the use of a deprecated version of Aquaforest TIFF Server, possibly 2.x. The vulnerable Aquaforest TIFF Server feature was removed on or around 2023-11-01. Insecure configuration issues in Aquaforest TIFF Server are identified separately as CVE-2023-6352. CVE-2023-6343 is similar to CVE-2020-9323. CVE-2023-6343 is related to or partially caused by CVE-2023-6352.
0
Attacker Value
Unknown
CVE-2023-6342
Disclosure Date: November 30, 2023 (last updated December 07, 2023)
Tyler Technologies Court Case Management Plus allows a remote attacker to authenticate as any user by manipulating at least the 'CmWebSearchPfp/Login.aspx?xyzldk=' and
'payforprint_CM/Redirector.ashx?userid=' parameters. The vulnerable "pay for print" feature was removed on or around 2023-11-01.
0
Attacker Value
Unknown
CVE-2022-26665
Disclosure Date: April 18, 2022 (last updated February 23, 2025)
An Insecure Direct Object Reference issue exists in the Tyler Odyssey Portal platform before 17.1.20. This may allow an external party to access sensitive case records.
0
Attacker Value
Unknown
CVE-2019-16112
Disclosure Date: May 13, 2020 (last updated February 21, 2025)
TylerTech Eagle 2018.3.11 deserializes untrusted user input, resulting in remote code execution via a crafted Java object to the recorder/ServiceManager?service=tyler.empire.settings.SettingManager URI.
0
Attacker Value
Unknown
CVE-2013-6285
Disclosure Date: October 28, 2013 (last updated October 05, 2023)
The search component in the Treasurer application in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to obtain sensitive query-structure information via an invalid search request, a different vulnerability than CVE-2013-6020.
0
Attacker Value
Unknown
CVE-2013-6019
Disclosure Date: October 28, 2013 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to inject arbitrary web script or HTML via the accountNum parameter to an unspecified component.
0
