Prasklatechnology Placipy
10 CVEs affecting Prasklatechnology Placipy. Latest disclosed: 2026-02-09. Critical: 7, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-25875 | Critical | 9.8 | 2026-02-09 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The admin authorization middleware trusts client-controlled J… |
CVE-2026-25814 | Critical | 9.8 | 2026-02-09 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, User-controlled query parameters are passed directly into Dyn… |
CVE-2026-25809 | Critical | 9.8 | 2026-02-09 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the code evaluation endpoint does not validate the assessment… |
CVE-2026-25753 | Critical | 9.8 | 2026-02-06 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application uses a hard-coded, static default password fo… |
CVE-2026-25811 | Critical | 9.1 | 2026-02-09 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application derives the tenant identifier directly from t… |
CVE-2026-25876 | Critical | 9.1 | 2026-02-09 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the backend/src/routes/results.routes.ts verify authenticatio… |
CVE-2026-25810 | Critical | 9.1 | 2026-02-09 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the backend/src/routes/student.submission.routes.ts verify au… |
CVE-2026-25812 | High | 8.8 | 2026-02-09 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application enables credentialed CORS requests but does n… |
CVE-2026-25813 | High | 7.5 | 2026-02-09 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The application logs highly sensitive data directly to consol… |
CVE-2026-25806 | Medium | 6.5 | 2026-02-09 | PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the GET /api/students/:email PUT /api/students/:email/status… |