Cozy Vision Sms Alert Order Notifications vulnerabilities
6 known vulnerabilities affecting cozy_vision/sms_alert_order_notifications.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2025-49915P2CRITICALCVSS 9.3≤ 3.8.52025-10-22
CVE-2025-49915 [CRITICAL] CWE-89 CVE-2025-49915: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS Alert Order Notifications: from n/a through <= 3.8.5.
nvd
CVE-2025-47682P2CRITICALCVSS 9.8≤ 3.8.12025-05-12
CVE-2025-47682 [CRITICAL] CWE-89 CVE-2025-47682: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS Alert Order Notifications: from n/a through <= 3.8.1.
nvd
CVE-2025-26988P3HIGHCVSS 7.5≤ 3.7.82025-03-03
CVE-2025-26988 [HIGH] CWE-89 CVE-2025-26988: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS Alert Order Notifications: from n/a through <= 3.7.8.
nvd
CVE-2026-32373P4MEDIUMCVSS 5.4≤ 3.9.02026-03-13
CVE-2026-32373 [MEDIUM] CWE-862 CVE-2026-32373: Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Ex
Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMS Alert Order Notifications: from n/a through <= 3.9.0.
nvd
CVE-2025-66086P4MEDIUMCVSS 5.3≤ 3.8.82025-11-21
CVE-2025-66086 [MEDIUM] CWE-862 CVE-2025-66086: Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Ex
Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMS Alert Order Notifications: from n/a through <= 3.8.8.
nvd
CVE-2025-26984P4MEDIUMCVSS 6.1≤ 3.7.82025-03-03
CVE-2025-26984 [MEDIUM] CWE-79 CVE-2025-26984: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Reflected XSS.This issue affects SMS Alert Order Notifications: from n/a through <= 3.7.8.
nvd