Filtered by vendor Easyappointments
Subscribe
Total
31 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38047 | 1 Easyappointments | 1 Easyappointments | 2024-08-26 | N/A | 8.1 HIGH |
| A BOLA vulnerability in GET, PUT, DELETE /categories/{categoryId} allows a low privileged user to fetch, modify or delete the category of any user (including admin). This results in unauthorized access and unauthorized data manipulation. | |||||
| CVE-2023-38052 | 1 Easyappointments | 1 Easyappointments | 2024-08-26 | N/A | 8.1 HIGH |
| A BOLA vulnerability in GET, PUT, DELETE /admins/{adminId} allows a low privileged user to fetch, modify or delete a high privileged user (admin). This results in unauthorized access and unauthorized data manipulation. | |||||
| CVE-2023-38049 | 1 Easyappointments | 1 Easyappointments | 2024-08-26 | N/A | 8.1 HIGH |
| A BOLA vulnerability in GET, PUT, DELETE /appointments/{appointmentId} allows a low privileged user to fetch, modify or delete an appointment of any user (including admin). This results in unauthorized access and unauthorized data manipulation. | |||||
| CVE-2019-14936 | 1 Easyappointments | 1 Easy\!appointments | 2024-02-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| Easy!Appointments 1.3.2 plugin for WordPress allows Sensitive Information Disclosure (Username and Password Hash). | |||||
| CVE-2023-3700 | 1 Easyappointments | 1 Easyappointments | 2023-08-02 | N/A | 4.3 MEDIUM |
| Authorization Bypass Through User-Controlled Key in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | |||||
| CVE-2023-1367 | 1 Easyappointments | 1 Easyappointments | 2023-03-17 | N/A | 3.8 LOW |
| Code Injection in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | |||||
| CVE-2023-1269 | 1 Easyappointments | 1 Easyappointments | 2023-03-14 | N/A | 9.8 CRITICAL |
| Use of Hard-coded Credentials in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | |||||
| CVE-2022-0482 | 1 Easyappointments | 1 Easyappointments | 2022-06-03 | 6.4 MEDIUM | 9.1 CRITICAL |
| Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3. | |||||
| CVE-2022-1397 | 1 Easyappointments | 1 Easyappointments | 2022-05-16 | 9.0 HIGH | 8.8 HIGH |
| API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover. | |||||
| CVE-2018-13063 | 1 Easyappointments | 1 Easy\!appointments | 2020-03-18 | 5.0 MEDIUM | 7.5 HIGH |
| Easy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts. | |||||
| CVE-2018-13060 | 1 Easyappointments | 1 Easy\!appointments | 2020-03-18 | 5.0 MEDIUM | 6.5 MEDIUM |
| Easy!Appointments 1.3.0 has a Guessable CAPTCHA issue. | |||||