Vulnerabilities > ALF > High

DATE CVE VULNERABILITY TITLE RISK
2024-02-19 CVE-2024-25635 Unspecified vulnerability in ALF 2.0M42304
alf.io is an open source ticket reservation system.
network
low complexity
alf
8.8
8.8
2024-02-16 CVE-2024-25628 Insufficient Session Expiration vulnerability in ALF 2.0M42304
Alf.io is a free and open source event attendance management system.
network
low complexity
alf CWE-613
7.6
7.6
2023-04-24 CVE-2023-2258 Unspecified vulnerability in ALF
Improper Neutralization of Formula Elements in a CSV File in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.
network
low complexity
alf
8.8
8.8
2023-04-24 CVE-2023-2259 Code Injection vulnerability in ALF
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.
network
low complexity
alf CWE-94
7.2
7.2
2023-04-24 CVE-2023-2260 Unspecified vulnerability in ALF
Authorization Bypass Through User-Controlled Key in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.
network
low complexity
alf
8.8
8.8