CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1397 – API Privilege Escalation in alextselegidis/easyappointments
https://notcve.org/view.php?id=CVE-2022-1397
10 May 2022 — API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover. Una Escalada de privilegios de la API en el repositorio de GitHub alextselegidis/easyappointments versiones anteriores a 1.5.0. Una toma de control total del sistema • https://github.com/alextselegidis/easyappointments/commit/63dbb51decfcc1631c398ecd6d30e3a337845526 • CWE-269: Improper Privilege Management •
CVSS: 9.1EPSS: 93%CPEs: 1EXPL: 6CVE-2022-0482 – Exposure of Private Personal Information to an Unauthorized Actor in alextselegidis/easyappointments
https://notcve.org/view.php?id=CVE-2022-0482
09 Mar 2022 — Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3. Una Exposición de Información Personal Privada a un Actor no Autorizado en el repositorio de GitHub alextselegidis/easyappointments versiones anteriores a 1.4.3 Easy!Appointments versions prior to 1.4.3 suffers from an unauthenticated PII disclosure vulnerability. • https://packetstorm.news/files/id/166701 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor CWE-863: Incorrect Authorization •