Lucene search

Peppermint Security Vulnerabilities

cve

CVE-2023-46863

Peppermint Ticket Management before 0.2.4 allows remote attackers to read arbitrary files via a /api/v1/users/file/download?filepath=./../ POST...

7.5CVSS

7.4AI Score

0.002EPSS

2023-10-30 12:15 AM

cve

CVE-2023-46864

Peppermint Ticket Management through 0.2.4 allows remote attackers to read arbitrary files via a /api/v1/ticket/1/file/download?filepath=../ POST...

5.3CVSS

5.2AI Score

0.001EPSS

2023-10-30 12:15 AM

cve

CVE-2023-42328

An issue in PeppermintLabs Peppermint v.0.2.4 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the hardcoded session...

8.8CVSS

8.7AI Score

0.002EPSS

2023-09-18 04:15 PM

2429

cve

CVE-2023-26984

An issue in the password reset function of Peppermint v0.2.4 allows attackers to access the emails and passwords of the Tickets page via a crafted...

8.1CVSS

7.9AI Score

0.001EPSS

2023-03-29 06:15 PM