alextselegidis/easyappointments
GitHub
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 8.8 HIGH | — | ||
Easy!Appointments is a self hosted appointment scheduler. In 1.5.2 and earlier, application/core/EA_Security.php::csrf_verify() only enforces CSRF for POST requests and returns early for non-POST methods. Several application endpoints perform state-changing operations while accepting parameters from GET (or $_REQUEST), so an attacker can perform CSRF by forcing a victim's browser to issue a crafted GET request. Impact: creation of admin accounts, modification of admin email/password, and full admin account takeover. | |||
| 7.7 HIGH | — | ||
A BOLA vulnerability in POST /secretaries allows a low privileged user to create a low privileged user (secretary) in the system. This results in unauthorized data manipulation. | |||
| 9.6 CRITICAL | — | ||
A BOLA vulnerability in GET, PUT, DELETE /services/{serviceId} allows a low privileged user to fetch, modify or delete the services of any user (including admin). This results in unauthorized access and unauthorized data manipulation. | |||
| 5 MEDIUM | — | ||
A BOLA vulnerability in POST /customers allows a low privileged user to create a low privileged user (customer) in the system. This results in unauthorized data manipulation. | |||
| 7.7 HIGH | — | ||
A BOLA vulnerability in POST /services allows a low privileged user to create a service for any user in the system (including admin). This results in unauthorized data manipulation. | |||
| 8.5 HIGH | — | ||
A BOLA vulnerability in POST /providers allows a low privileged user to create a privileged user (provider) in the system. This results in privilege escalation. | |||
| 9.9 CRITICAL | — | ||
A BOLA vulnerability in POST /admins allows a low privileged user to create a high privileged user (admin) in the system. This results in privilege escalation. | |||
| 9.1 CRITICAL | — | ||
A BOLA vulnerability in GET, PUT, DELETE /webhooks/{webhookId} allows a low privileged user to fetch, modify or delete a webhook of any user (including admin). This results in unauthorized access and unauthorized data manipulation. | |||
| 9.9 CRITICAL | — | ||
A BOLA vulnerability in GET, PUT, DELETE /secretaries/{secretaryId} allows a low privileged user to fetch, modify or delete a low privileged user (secretary). This results in unauthorized access and unauthorized data manipulation. | |||
| 9.9 CRITICAL | — | ||
A BOLA vulnerability in GET, PUT, DELETE /customers/{customerId} allows a low privileged user to fetch, modify or delete a low privileged user (customer). This results in unauthorized access and unauthorized data manipulation. | |||
| 9.9 CRITICAL | — | ||
A BOLA vulnerability in GET, PUT, DELETE /settings/{settingName} allows a low privileged user to fetch, modify or delete the settings of any user (including admin). This results in unauthorized access and unauthorized data manipulation. | |||
| 9.9 CRITICAL | — | ||
A BOLA vulnerability in GET, PUT, DELETE /admins/{adminId} allows a low privileged user to fetch, modify or delete a high privileged user (admin). This results in unauthorized access and unauthorized data manipulation. | |||
| 9.9 CRITICAL | — | ||
A BOLA vulnerability in GET, PUT, DELETE /providers/{providerId} allows a low privileged user to fetch, modify or delete a privileged user (provider). This results in unauthorized access and unauthorized data manipulation. | |||
| 8.5 HIGH | — | ||
A BOLA vulnerability in GET, PUT, DELETE /categories/{categoryId} allows a low privileged user to fetch, modify or delete the category of any user (including admin). This results in unauthorized access and unauthorized data manipulation. | |||
| 9.9 CRITICAL | — | ||
A BOLA vulnerability in GET, PUT, DELETE /appointments/{appointmentId} allows a low privileged user to fetch, modify or delete an appointment of any user (including admin). This results in unauthorized access and unauthorized data manipulation. | |||
| 7.7 HIGH | — | ||
A BOLA vulnerability in POST /appointments allows a low privileged user to create an appointment for any user in the system (including admin). This results in unauthorized data manipulation. | |||
| 6.3 MEDIUM | — | ||
Authorization Bypass Through User-Controlled Key in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | |||
| 5.4 MEDIUM | — | ||
Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | |||
| 5.4 MEDIUM | — | ||
Improper Access Control in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | |||
| 8.8 HIGH | — | ||
Session Fixation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | |||
| 4.8 MEDIUM | — | ||
Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | |||
| 3.8 LOW | — | ||
Code Injection in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | |||
| 9.8 CRITICAL | — | ||
Use of Hard-coded Credentials in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | |||
| 8.8 HIGH | 9 HIGH | ||
API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover. | |||
| 9.1 CRITICAL | 6.4 MEDIUM | ||
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3. | |||