Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/02/05 1:1 p.m.10 views

CVE-2024-25634

alf.io is an open source ticket reservation system. Prior to version 2.0-Mr-2402, an attacker can access data from other organizers. The attacker can use a specially crafted request to receive the e-mail log sent by other events. Version 2.0-M4-2402 fixes this issue...

7.2CVSS6.7AI score0.00748EPSS
Exploits1References1
nvd
nvd
added 2024/02/19 8:15 p.m.11 views

CVE-2024-25634

alf.io is an open source ticket reservation system. Prior to version 2.0-Mr-2402, an attacker can access data from other organizers. The attacker can use a specially crafted request to receive the e-mail log sent by other events. Version 2.0-M4-2402 fixes this issue...

7.2CVSS6.9AI score0.00748EPSS
Exploits1References1
cve
cve
added 2024/02/19 7:53 p.m.55 views

CVE-2024-25634

Summary (CVE-2024-25634) : alf.io, an open-source ticket reservation system, is affected by an insecure access control flaw (IDOR) that, prior to version 2.0-Mr-2402, allows an attacker to read email logs of other organizers by sending a specially crafted request. The issue targets the data expos...

7.2CVSS6.6AI score0.00748EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2024/02/19 7:53 p.m.18 views

CVE-2024-25634 IDOR make user can read e-mail log sent by other events

alf.io is an open source ticket reservation system. Prior to version 2.0-Mr-2402, an attacker can access data from other organizers. The attacker can use a specially crafted request to receive the e-mail log sent by other events. Version 2.0-M4-2402 fixes this issue...

7.2CVSS7.1AI score0.00748EPSS
Exploits1References1
osv
osv
added 2024/02/19 7:53 p.m.13 views

CVE-2024-25634 IDOR make user can read e-mail log sent by other events

alf.io is an open source ticket reservation system. Prior to version 2.0-Mr-2402, an attacker can access data from other organizers. The attacker can use a specially crafted request to receive the e-mail log sent by other events. Version 2.0-M4-2402 fixes this issue...

7.2CVSS6.9AI score0.00748EPSS
Exploits1References3
Rows per page
Query Builder