22 matches found
CVE-2024-41517
An Incorrect Access Control vulnerability in "/admin/benutzer/institution/rechteverwaltung/uebersicht" in Feripro = v2.2.3 allows remote attackers to get a list of all users and their corresponding privileges...
CVE-2024-41519
Feripro = v2.2.3 is vulnerable to Cross Site Scripting XSS via "/admin/programm//zuordnung/veranstaltungen/" through the "school" input field...
CVE-2024-41518
An Incorrect Access Control vulnerability in "/admin/programm//export/statistics" in Feripro = v2.2.3 allows remote attackers to export an XLSX file with information about registrations and participants...
CVE-2024-41519
Feripro /zuordnung/veranstaltungen/" through the "school" input field...
CVE-2024-41519
Feripro /zuordnung/veranstaltungen/" through the "school" input field...
CVE-2024-41517
An Incorrect Access Control vulnerability in "/admin/benutzer/institution/rechteverwaltung/uebersicht" in Feripro = v2.2.3 allows remote attackers to get a list of all users and their corresponding privileges...
CVE-2024-41518
An Incorrect Access Control vulnerability in "/admin/programm//export/statistics" in Feripro = v2.2.3 allows remote attackers to export an XLSX file with information about registrations and participants...
CVE-2024-41518
An Incorrect Access Control vulnerability in "/admin/programm//export/statistics" in Feripro = v2.2.3 allows remote attackers to export an XLSX file with information about registrations and participants...
CVE-2024-41517
An Incorrect Access Control vulnerability in "/admin/benutzer/institution/rechteverwaltung/uebersicht" in Feripro = v2.2.3 allows remote attackers to get a list of all users and their corresponding privileges...
CVE-2024-41519
Feripro /zuordnung/veranstaltungen/" through the "school" input field...
Mercodia Feripro 安全漏洞
Mercodia Feripro is a vacation management software from Mercodia USA. A security vulnerability exists in Mercodia Feripro 2.2.3 and earlier versions, which stems from an incorrect access control vulnerability in /admin/benutzer/institution/rechteverwaltung/uebersicht, which allows a remote attack...
CVE-2024-41517
An Incorrect Access Control vulnerability in "/admin/benutzer/institution/rechteverwaltung/uebersicht" in Feripro = v2.2.3 allows remote attackers to get a list of all users and their corresponding privileges...
Mercodia Feripro 安全漏洞
Mercodia Feripro is a vacation management software from Mercodia USA. A security vulnerability exists in Mercodia Feripro 2.2.3 and earlier versions, which stems from the presence of a cross-site scripting XSS vulnerability...
PT-2024-29435 · Feripro · Feripro
Name of the Vulnerable Software and Affected Versions: Feripro versions prior to 2.2.3 Description: The issue is related to an Incorrect Access Control vulnerability. It affects the "/admin/benutzer/institution/rechteverwaltung/uebersicht" endpoint, allowing remote attackers to obtain a list of a...
CVE-2024-41517
An Incorrect Access Control vulnerability in "/admin/benutzer/institution/rechteverwaltung/uebersicht" in Feripro = v2.2.3 allows remote attackers to get a list of all users and their corresponding privileges...
CVE-2024-41519
Feripro /zuordnung/veranstaltungen/" through the "school" input field...
CVE-2024-41518
CVE-2024-41518 concerns Feripro prior to 2.2.3, where an Incorrect Access Control flaw in the endpoint /admin/programm//export/statistics allows remote attackers to export an XLSX file containing registrations and participant information. The Red Hat and NVD entries corroborate the same path and ...
Mercodia Feripro 安全漏洞
Mercodia Feripro is a vacation management software from Mercodia USA. A security vulnerability exists in Mercodia Feripro 2.2.3 and earlier versions, which stems from an incorrect access control vulnerability in /admin/programm//export/statistics, which could allow a remote attacker to export an...
CVE-2024-41519
Feripro <= v2.2.3 is affected by a Cross-Site Scripting (XSS) vulnerability in the admin endpoint used for program/ Veranstalungen mapping, exploitable via the school input field at /admin/programm//zuordnung/veranstaltungen/. Multiple sources confirm the issue affects Feripro 2.2.3 and earlie...
CVE-2024-41518
An Incorrect Access Control vulnerability in "/admin/programm//export/statistics" in Feripro = v2.2.3 allows remote attackers to export an XLSX file with information about registrations and participants...