Skip to main content

Alf

9 CVEs product

Monthly

CVE-2024-45300 MEDIUM POC PATCH This Month

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Authentication Bypass Race Condition Alf
NVD GitHub
CVSS 3.1
5.9
EPSS
0.4%
CVE-2024-45299 MEDIUM POC PATCH This Month

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Alf
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2024-25635 HIGH POC This Week

alf.io is an open source ticket reservation system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Alf
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-25634 MEDIUM POC This Month

alf.io is an open source ticket reservation system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Alf
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2024-25628 HIGH This Week

Alf.io is a free and open source event attendance management system. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Alf
NVD GitHub
CVSS 3.1
7.6
EPSS
0.4%
CVE-2024-25627 MEDIUM POC This Month

Alf.io is a free and open source event attendance management system. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Alf
NVD GitHub
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-2260 HIGH POC PATCH This Week

Authorization Bypass Through User-Controlled Key in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Alf
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-2259 HIGH POC PATCH This Week

Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Ssti Alf
NVD GitHub
CVSS 3.1
7.2
EPSS
1.1%
CVE-2023-2258 HIGH POC PATCH This Week

Improper Neutralization of Formula Elements in a CSV File in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Alf
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
EPSS 0% CVSS 5.9
MEDIUM POC PATCH This Month

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Authentication Bypass Race Condition Alf
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Alf
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

alf.io is an open source ticket reservation system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Alf
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

alf.io is an open source ticket reservation system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Alf
NVD GitHub
EPSS 0% CVSS 7.6
HIGH This Week

Alf.io is a free and open source event attendance management system. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Alf
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM POC This Month

Alf.io is a free and open source event attendance management system. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Alf
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Authorization Bypass Through User-Controlled Key in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Alf
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC PATCH This Week

Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Ssti Alf
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Improper Neutralization of Formula Elements in a CSV File in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Alf
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy