Easyappointments

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2024-57602 PHP CRITICAL POC Act Now

An issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to escalate privileges via the index.php file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Privilege Escalation Easyappointments
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2024-57601 PHP MEDIUM POC This Month

Cross Site Scripting vulnerability in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to execute arbitrary code via the legal_settings parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Easyappointments
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-57602 PHP
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

An issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to escalate privileges via the index.php file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Privilege Escalation Easyappointments
NVD
CVE-2024-57601 PHP
EPSS 0% CVSS 6.1
MEDIUM POC This Month

Cross Site Scripting vulnerability in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to execute arbitrary code via the legal_settings parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Easyappointments
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy