CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2665 – Storage of Sensitive Data in a Mechanism without Access Control in francoisjacquet/rosariosis
https://notcve.org/view.php?id=CVE-2023-2665
Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0. • https://github.com/francoisjacquet/rosariosis/commit/09d5afaa6be07688ca1a7ac3b755b5438109e986 https://huntr.dev/bounties/42f38a84-8954-484d-b5ff-706ca0918194 • CWE-921: Storage of Sensitive Data in a Mechanism without Access Control CWE-922: Insecure Storage of Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2202 – Improper Access Control in francoisjacquet/rosariosis
https://notcve.org/view.php?id=CVE-2023-2202
Improper Access Control in GitHub repository francoisjacquet/rosariosis prior to 10.9.3. • https://github.com/francoisjacquet/rosariosis/commit/6433946abfb34324616e833b1c00d0b2450753be https://huntr.dev/bounties/efe6ef47-d17c-4773-933a-4836c32db85c • CWE-284: Improper Access Control •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0994 – Exposure of Sensitive Information to an Unauthorized Actor in francoisjacquet/rosariosis
https://notcve.org/view.php?id=CVE-2023-0994
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository francoisjacquet/rosariosis prior to 10.8.2. • https://github.com/francoisjacquet/rosariosis/commit/630d3e3d78270db8dbcbfe87db265bc3e70c5a76 https://huntr.dev/bounties/a281c586-9b97-4d17-88ff-ca91bb4c45ad • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2714 – Improper Handling of Length Parameter Inconsistency in francoisjacquet/rosariosis
https://notcve.org/view.php?id=CVE-2022-2714
Improper Handling of Length Parameter Inconsistency in GitHub repository francoisjacquet/rosariosis prior to 10.0. Un Manejo Inapropiado de la Inconsistencia de los Parámetros de Longitud en el repositorio de GitHub francoisjacquet/rosariosis versiones anteriores a 10.0. • https://github.com/francoisjacquet/rosariosis/commit/4022954c3f41462bf6225c302a28b0429f6f4df3 https://huntr.dev/bounties/430aedac-c7d9-4acb-9bab-bcc0595d9e95 • CWE-130: Improper Handling of Length Parameter Inconsistency •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3072 – Cross-site Scripting (XSS) - Stored in francoisjacquet/rosariosis
https://notcve.org/view.php?id=CVE-2022-3072
Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 8.9.3. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en el repositorio GitHub francoisjacquet/rosariosis versiones anteriores a 8.9.3 • https://github.com/francoisjacquet/rosariosis/commit/dcd3b86156bf9e981944e1a9e01ea23d8ad7c83a https://huntr.dev/bounties/9755ae6a-b08b-40a0-8089-c723b2d9ca52 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •