Alextselegidis Easyappointments vulnerabilities
10 known vulnerabilities affecting alextselegidis/alextselegidis_easyappointments.
Total CVEs
10
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL2HIGH2MEDIUM5LOW1
Vulnerabilities
Page 1 of 1
CVE-2022-0482P1CRITICALCVSS 9.1ExploitedPoC≥ unspecified, < 1.4.32022-03-09
CVE-2022-0482 [CRITICAL] CWE-359 CVE-2022-0482: Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidi
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3.
nvd
CVE-2022-1397P3HIGHCVSS 8.8≥ unspecified, < 1.5.02022-05-10
CVE-2022-1397 [HIGH] CWE-269 CVE-2022-1397: API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full s
API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover.
nvd
CVE-2023-1269P3CRITICALCVSS 9.8≥ unspecified, < 1.5.02023-03-08
CVE-2023-1269 [CRITICAL] CWE-798 CVE-2023-1269: Use of Hard-coded Credentials in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
Use of Hard-coded Credentials in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
nvd
CVE-2023-2105P3HIGHCVSS 8.8≥ unspecified, < 1.5.02023-04-15
CVE-2023-2105 [HIGH] CWE-384 CVE-2023-2105: Session Fixation in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
Session Fixation in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
nvd
CVE-2023-2104P4MEDIUMCVSS 5.4≥ unspecified, < 1.5.02023-04-15
CVE-2023-2104 [MEDIUM] CWE-284 CVE-2023-2104: Improper Access Control in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
Improper Access Control in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
nvd
CVE-2023-2103P4MEDIUMCVSS 5.4≥ unspecified, < 1.5.02023-04-15
CVE-2023-2103 [MEDIUM] CWE-79 CVE-2023-2103: Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.
Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
nvd
CVE-2023-3700P4MEDIUMCVSS 4.3≥ unspecified, < 1.5.02023-07-17
CVE-2023-3700 [MEDIUM] CWE-639 CVE-2023-3700: Authorization Bypass Through User-Controlled Key in GitHub repository alextselegidis/easyappointment
Authorization Bypass Through User-Controlled Key in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
nvd
CVE-2023-2102P4MEDIUMCVSS 4.8≥ unspecified, < 1.5.02023-04-15
CVE-2023-2102 [MEDIUM] CWE-79 CVE-2023-2102: Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.
Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
nvd
CVE-2023-3568P4MEDIUMCVSS 4.8≥ unspecified, < 1.5.02023-07-10
CVE-2023-3568 [MEDIUM] CWE-601 CVE-2023-3568: Open Redirect in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
Open Redirect in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
nvd
CVE-2023-1367P4LOWCVSS 3.8≥ unspecified, < 1.5.02023-03-13
CVE-2023-1367 [LOW] CWE-94 CVE-2023-1367: Code Injection in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
Code Injection in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
nvd