Lucene search
K

44 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:30 a.m.7 views

CVE-2024-48534

A reflected cross-site scripting XSS vulnerability on the Camp Details module of eSoft Planner 3.24.08271-USA allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload...

5.4CVSS6AI score0.0036EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:39 a.m.9 views

CVE-2024-48533

A discrepancy between responses for valid and invalid e-mail accounts in the Forgot your Login? module of eSoft Planner 3.24.08271-USA allows attackers to enumerate valid user e-mail accounts...

5.3CVSS6.9AI score0.00399EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:39 a.m.6 views

CVE-2024-48535

A stored cross-site scripting XSS vulnerability in eSoft Planner 3.24.08271-USA allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

5.4CVSS5.6AI score0.00272EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:39 a.m.7 views

CVE-2024-48536

Incorrect access control in eSoft Planner 3.24.08271-USA allow attackers to view all transactions performed by the company via supplying a crafted web request...

7.5CVSS6.9AI score0.00453EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:38 a.m.6 views

CVE-2024-48530

An issue in the Instructor Appointment Availability module of eSoft Planner 3.24.08271-USA allows attackers to cause a Denial of Service DoS via a crafted POST request...

7.5CVSS6.9AI score0.0056EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:37 a.m.5 views

CVE-2024-48531

A reflected cross-site scripting XSS vulnerability on the Rental Availability module of eSoft Planner 3.24.08271-USA allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload...

5.4CVSS6.2AI score0.0036EPSS
Exploits1References1
OSV
OSV
added 2024/11/20 9:15 p.m.5 views

CVE-2024-48530

An issue in the Instructor Appointment Availability module of eSoft Planner 3.24.08271-USA allows attackers to cause a Denial of Service DoS via a crafted POST request...

7.5CVSS5.8AI score0.0056EPSS
Exploits1References1
NVD
NVD
added 2024/11/20 9:15 p.m.18 views

CVE-2024-48531

A reflected cross-site scripting XSS vulnerability on the Rental Availability module of eSoft Planner 3.24.08271-USA allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload...

5.4CVSS0.0036EPSS
Exploits1References1
OSV
OSV
added 2024/11/20 9:15 p.m.5 views

CVE-2024-48536

Incorrect access control in eSoft Planner 3.24.08271-USA allow attackers to view all transactions performed by the company via supplying a crafted web request...

7.5CVSS5.8AI score0.00453EPSS
Exploits1References1
OSV
OSV
added 2024/11/20 9:15 p.m.4 views

CVE-2024-48535

A stored cross-site scripting XSS vulnerability in eSoft Planner 3.24.08271-USA allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

5.4CVSS5.9AI score0.00272EPSS
Exploits1References1
OSV
OSV
added 2024/11/20 9:15 p.m.5 views

CVE-2024-48534

A reflected cross-site scripting XSS vulnerability on the Camp Details module of eSoft Planner 3.24.08271-USA allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload...

5.4CVSS6AI score0.0036EPSS
Exploits1References1
OSV
OSV
added 2024/11/20 9:15 p.m.5 views

CVE-2024-48531

A reflected cross-site scripting XSS vulnerability on the Rental Availability module of eSoft Planner 3.24.08271-USA allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload...

5.4CVSS6AI score0.0036EPSS
Exploits1References1
OSV
OSV
added 2024/11/20 9:15 p.m.5 views

CVE-2024-48533

A discrepancy between responses for valid and invalid e-mail accounts in the Forgot your Login? module of eSoft Planner 3.24.08271-USA allows attackers to enumerate valid user e-mail accounts...

5.3CVSS5.8AI score0.00399EPSS
Exploits1References1
NVD
NVD
added 2024/11/20 9:15 p.m.29 views

CVE-2024-48530

An issue in the Instructor Appointment Availability module of eSoft Planner 3.24.08271-USA allows attackers to cause a Denial of Service DoS via a crafted POST request...

7.5CVSS0.0056EPSS
Exploits1References1
NVD
NVD
added 2024/11/20 9:15 p.m.27 views

CVE-2024-48534

A reflected cross-site scripting XSS vulnerability on the Camp Details module of eSoft Planner 3.24.08271-USA allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload...

5.4CVSS0.0036EPSS
Exploits1References1
NVD
NVD
added 2024/11/20 9:15 p.m.14 views

CVE-2024-48533

A discrepancy between responses for valid and invalid e-mail accounts in the Forgot your Login? module of eSoft Planner 3.24.08271-USA allows attackers to enumerate valid user e-mail accounts...

5.3CVSS0.00399EPSS
Exploits1References1
NVD
NVD
added 2024/11/20 9:15 p.m.16 views

CVE-2024-48536

Incorrect access control in eSoft Planner 3.24.08271-USA allow attackers to view all transactions performed by the company via supplying a crafted web request...

7.5CVSS0.00453EPSS
Exploits1References1
NVD
NVD
added 2024/11/20 9:15 p.m.16 views

CVE-2024-48535

A stored cross-site scripting XSS vulnerability in eSoft Planner 3.24.08271-USA allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

5.4CVSS0.00272EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/11/20 12:0 a.m.4 views

PT-2024-33134 · Unknown · Esoft Planner

Name of the Vulnerable Software and Affected Versions: eSoft Planner version 3.24.08271-USA Description: A reflected cross-site scripting XSS issue in the Camp Details module allows attackers to execute arbitrary code in the context of a user's browser by injecting a crafted payload. This enables...

5.4CVSS6.9AI score0.0036EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/11/20 12:0 a.m.6 views

eSoft Planner 安全漏洞

eSoft Planner is a scheduling software for managing sports facilities from eSoft Planner, Inc. A security vulnerability exists in eSoft Planner version 3.24.08271-USA that stems from vulnerability to a cross-site scripting attack, which allows an attacker to execute arbitrary code in the context ...

5.4CVSS6.7AI score0.0036EPSS
Exploits1References2
Rows per page
Query Builder