Opexus Foiaxpress Public Access Link (Pal)

4 CVEs affecting Opexus Foiaxpress Public Access Link (Pal). Latest disclosed: 2025-09-09. Critical: 1, High: 0.

Top CVEs affecting Opexus Foiaxpress Public Access Link (Pal)
CVESeverityScorePublishedSummary
CVE-2025-58462Critical9.82025-09-09OPEXUS FOIAXpress Public Access Link (PAL) before version 11.13.1.0 allows SQL injection via SearchPopularDocs.aspx. A remote, unauthenticated attacker could r…
CVE-2025-54834Medium5.32025-07-31OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows an unauthenticated, remote attacker to query the /App/CreateRequest.aspx endpoint to check fo…
CVE-2025-54833Medium5.32025-07-31OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows attackers to bypass account-lockout and CAPTCHA protections. Unauthenticated remote attackers…
CVE-2025-54832Medium4.32025-07-31OPEXUS FOIAXpress Public Access Link (PAL), version v11.1.0, allows an authenticated user to add entries to the list of states and territories.