CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-26058

Webkul QloApps v1.6.1 exposes authentication tokens in URLs during redirection. When users access the admin panel or other protected areas, the application appends sensitive authentication tokens directly to the URL.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.1%

CVSS Severity

CVSS v3 Score 4.2

References

https://github.com/mano257200/QloApps-VUL

Products affected by CVE-2025-26058

Webkul » Qloapps » Version: 1.6.1

cpe:2.3:a:webkul:qloapps:1.6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-26058

Products

Pricing

Contact Us