Vulnerabilities > ALF

DATE CVE VULNERABILITY TITLE RISK
2024-09-06 CVE-2024-45299 Improper Encoding or Escaping of Output vulnerability in ALF 2.0M42304
alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups.
network
low complexity
alf CWE-116
6.5
2024-09-06 CVE-2024-45300 Race Condition vulnerability in ALF 2.0M42304
alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups.
network
high complexity
alf CWE-362
5.9
2024-02-19 CVE-2024-25634 Unspecified vulnerability in ALF 2.0M42304
alf.io is an open source ticket reservation system.
network
low complexity
alf
6.5
2024-02-19 CVE-2024-25635 Unspecified vulnerability in ALF 2.0M42304
alf.io is an open source ticket reservation system.
network
low complexity
alf
8.8
2024-02-16 CVE-2024-25627 Cross-site Scripting vulnerability in ALF
Alf.io is a free and open source event attendance management system.
network
low complexity
alf CWE-79
4.8
2024-02-16 CVE-2024-25628 Insufficient Session Expiration vulnerability in ALF 2.0M42304
Alf.io is a free and open source event attendance management system.
network
low complexity
alf CWE-613
7.6
2023-04-24 CVE-2023-2258 Unspecified vulnerability in ALF
Improper Neutralization of Formula Elements in a CSV File in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.
network
low complexity
alf
8.8
2023-04-24 CVE-2023-2259 Code Injection vulnerability in ALF
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.
network
low complexity
alf CWE-94
7.2
2023-04-24 CVE-2023-2260 Unspecified vulnerability in ALF
Authorization Bypass Through User-Controlled Key in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.
network
low complexity
alf
8.8