CVE-2025-25939

all versions

Reprise License Manager 14.2 is vulnerable to reflected cross-site scripting in /goform/activate_process via the akey parameter.

6.1MEDIUM

CVE-2023-44031

>= 15.1 and < 16.0

Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows attackers to arbitrarily save

7.5HIGH

CVE-2023-43183

>= 15.1 and < 16.0

Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows read-only users to arbitraril

8.8HIGH

CVE-2021-37500

< 16.0

Directory traversal vulnerability in Reprise License Manager (RLM) web interface before 14.2BL4 in the diagnostics function that a

8.1HIGH

CVE-2021-37499

< 17.0

CRLF vulnerability in Reprise License Manager (RLM) web interface through 14.2BL4 in the password parameter in View License Result

6.5MEDIUM

CVE-2021-37498

< 17.0

An SSRF issue was discovered in Reprise License Manager (RLM) web interface through 14.2BL4 that allows remote attackers to trigge

6.5MEDIUM

CVE-2022-30519

>= 14.2bl4 and <= 16.0

XSS in signing form in Reprise Software RLM License Administration v14.2BL4 allows remote attacker to inject arbitrary code via pa

6.1MEDIUM

CVE-2022-28365

>= 14.2 and < 15.1

Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET request to /goforms/rlminfo. No auth

5.3MEDIUM

CVE-2022-28364

>= 14.2 and <= 16.0

Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/rlmswitchr_process

5.4MEDIUM

CVE-2022-28363

>= 14.2 and < 16.0

Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/login_process user

6.1MEDIUM

CVE-2021-45422

>= 14.2 and < 16.0

Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability in the /goform/activate_process "count"

6.1MEDIUM

CVE-2021-44155

>= 14.2 and < 15.1

An issue was discovered in /goform/login_process in Reprise RLM 14.2. When an attacker attempts to login, the response if a userna

5.3MEDIUM

CVE-2021-44154

>= 14.2 and < 16.0

An issue was discovered in Reprise RLM 14.2. By using an admin account, an attacker can write a payload to /goform/edit_opt, which

7.2HIGH

CVE-2021-44153

>= 14.2 and < 17.0

An issue was discovered in Reprise RLM 14.2. When editing the license file, it is possible for an admin user to enable an option t

7.2HIGH

CVE-2021-44152

< 15.1

An issue was discovered in Reprise RLM 14.2. Because /goform/change_password_process does not verify authentication or authorizati

9.8CRITICAL

CVE-2021-44151

>= 14.2 and < 15.1

An issue was discovered in Reprise RLM 14.2. As the session cookies are small, an attacker can hijack any existing sessions by bru

7.5HIGH

CVE-2018-15574

< 16.0

An issue was discovered in the license editor in Reprise License Manager (RLM) through 12.2BL2. It is a cross-site scripting vulne

6.1MEDIUM

CVE-2018-15573

< 16.1

An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. Attackers can use the web interface to read and write da

8.8HIGH

CVE-2018-5716

>= 11.0 and < 16.1

An issue was discovered in Reprise License Manager 11.0. This vulnerability is a Path Traversal where the attacker, by changing a

8.1HIGH