Vulnerabilities > ALF

DATE CVE VULNERABILITY TITLE RISK
2024-09-06 CVE-2024-45299 Improper Encoding or Escaping of Output vulnerability in ALF 2.0M42304
alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups.
network
low complexity
alf CWE-116
6.5
6.5
2024-09-06 CVE-2024-45300 Race Condition vulnerability in ALF 2.0M42304
alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups.
network
high complexity
alf CWE-362
5.9
5.9
2023-04-24 CVE-2023-2258 Improper Neutralization of Formula Elements in a CSV File vulnerability in ALF
Improper Neutralization of Formula Elements in a CSV File in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.
network
low complexity
alf CWE-1236
8.8
8.8
2023-04-24 CVE-2023-2259 Code Injection vulnerability in ALF
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.
network
low complexity
alf CWE-94
7.2
7.2
2023-04-24 CVE-2023-2260 Authorization Bypass Through User-Controlled Key vulnerability in ALF
Authorization Bypass Through User-Controlled Key in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.
network
low complexity
alf CWE-639
8.8
8.8