CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1367 – Code Injection in alextselegidis/easyappointments
https://notcve.org/view.php?id=CVE-2023-1367
13 Mar 2023 — Code Injection in GitHub repository alextselegidis/easyappointments prior to 1.5.0. • https://github.com/alextselegidis/easyappointments/commit/453c6e130229718680c91bef450db643a0f263e4 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1269 – Use of Hard-coded Credentials in alextselegidis/easyappointments
https://notcve.org/view.php?id=CVE-2023-1269
08 Mar 2023 — Use of Hard-coded Credentials in GitHub repository alextselegidis/easyappointments prior to 1.5.0. • https://github.com/alextselegidis/easyappointments/commit/2731d2f17c5140c562426b857e9f5d63da5c4593 • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1397 – API Privilege Escalation in alextselegidis/easyappointments
https://notcve.org/view.php?id=CVE-2022-1397
10 May 2022 — API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover. Una Escalada de privilegios de la API en el repositorio de GitHub alextselegidis/easyappointments versiones anteriores a 1.5.0. Una toma de control total del sistema • https://github.com/alextselegidis/easyappointments/commit/63dbb51decfcc1631c398ecd6d30e3a337845526 • CWE-269: Improper Privilege Management •
CVSS: 9.1EPSS: 72%CPEs: 1EXPL: 6CVE-2022-0482 – Exposure of Private Personal Information to an Unauthorized Actor in alextselegidis/easyappointments
https://notcve.org/view.php?id=CVE-2022-0482
09 Mar 2022 — Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3. Una Exposición de Información Personal Privada a un Actor no Autorizado en el repositorio de GitHub alextselegidis/easyappointments versiones anteriores a 1.4.3 Easy!Appointments versions prior to 1.4.3 suffers from an unauthenticated PII disclosure vulnerability. • https://packetstorm.news/files/id/166701 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor CWE-863: Incorrect Authorization •