15 matches found
Easy!Appointments 1.5.1 Denial of Service
Easy!Appointments version 1.5.1 suffers from a denial of service vulnerability due to a logic flaw. CVE-2025-29448 description: Booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by...
CVE-2025-29448
Booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by blocking all future booking availability...
CVE-2024-29448
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability...
CVE-2024-29448
ROS2 Humble Hawksbill (versions 2) is affected by a reported buffer overflow in the C++ components, which could allow arbitrary code execution or a denial of service through improper handling of arrays or strings. Remediation is to update to a version that includes the fix for this issue to mitig...
CVE-2024-29448
...
CVE-2022-29448
creationtimestamp | type | source
---|---|---
2022-05-21 00:31:06+00:00 | seen | https://t.me/cibsecurity/43095...
CVE-2022-29448 WordPress Herd Effects plugin <= 5.2 - Local File Inclusion (LFI) vulnerability
Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress...
CVE-2022-29448
CVE-2022-29448 describes a Local File Inclusion (LFI) vulnerability in WordPress Herd Effects plugin prior to or at version 5.2, requiring an authenticated admin or higher user to exploit. The issue stems from inadequate validation in how local file resources are selected for inclusion, allowing ...
CVE-2021-29448
Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. A stored XSS exists in the Pi-hole Admin portal, which can be exploited by a malicious actor with network access to the DNS server. See the referenced GitHub security advisory for patch details...
CVE-2021-29448
Pi-hole exposes a Stored XSS vulnerability in the Admin portal (Web Interface) of Pi-hole, described across multiple sources. The issue is a stored DOM/XSS flaw in the AdminLTE-based interface that can be triggered by an attacker with network access to the DNS server. Affected is Pi-hole’s admin/...
CVE-2020-29448
creationtimestamp | type | source
---|---|---
2021-02-23 00:33:56+00:00 | seen | https://t.me/cibsecurity/23955...
CVE-2020-29448
CVE-2020-29448 affects Atlassian Confluence Server/Data Center. Affected ConfluenceResourceDownloadRewriteRule allows unauthenticated remote retrieval of arbitrary files in WEB-INF and META-INF due to an incorrect path access check. Impact is read-only exposure of restricted files; no exploitatio...
Pre-Authorization Limited Arbitrary File Read in Confluence Server - CVE-2020-29448
The ConfluenceResourceDownloadRewriteRule class in Confluence Server and Confluence Data Center allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check.
Affected versions: version 6.13.18 6.14.0 ≤ version 7.4....