Vulnerabilities > Easyappointments

DATE CVE VULNERABILITY TITLE RISK
2023-07-17 CVE-2023-3700 Authorization Bypass Through User-Controlled Key vulnerability in Easyappointments
Authorization Bypass Through User-Controlled Key in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
network
low complexity
easyappointments CWE-639
4.3
2023-04-15 CVE-2023-2103 Cross-site Scripting vulnerability in Easyappointments
Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
network
low complexity
easyappointments CWE-79
5.4
2023-04-15 CVE-2023-2104 Improper Access Control vulnerability in Easyappointments
Improper Access Control in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
network
low complexity
easyappointments CWE-284
5.4
2023-04-15 CVE-2023-2105 Session Fixation vulnerability in Easyappointments
Session Fixation in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
network
low complexity
easyappointments CWE-384
8.8
2023-04-15 CVE-2023-2102 Cross-site Scripting vulnerability in Easyappointments
Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
network
low complexity
easyappointments CWE-79
4.8
2023-03-13 CVE-2023-1367 Code Injection vulnerability in Easyappointments
Code Injection in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
network
low complexity
easyappointments CWE-94
3.8
2023-03-08 CVE-2023-1269 Use of Hard-coded Credentials vulnerability in Easyappointments
Use of Hard-coded Credentials in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
network
low complexity
easyappointments CWE-798
critical
9.8
2022-05-10 CVE-2022-1397 Improper Privilege Management vulnerability in Easyappointments
API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
network
low complexity
easyappointments CWE-269
critical
9.0
2022-03-09 CVE-2022-0482 Privacy Violation vulnerability in Easyappointments
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3.
network
low complexity
easyappointments CWE-359
6.4
2020-03-16 CVE-2018-13063 Missing Authorization vulnerability in Easyappointments Easy!Appointments
Easy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts.
network
low complexity
easyappointments CWE-862
5.0