Show filters
113 Total Results
Displaying 31-40 of 113
Sort by:
Attacker Value
Unknown

CVE-2024-1094

Disclosure Date: June 14, 2024 (last updated January 05, 2025)
The Timetics- AI-powered Appointment Booking with Visual Seat Plan and ultimate Calendar Scheduling plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the make_staff() function in all versions up to, and including, 1.0.21. This makes it possible for unauthenticated attackers to grant users staff permissions.
0
Attacker Value
Unknown

CVE-2023-24373

Disclosure Date: June 03, 2024 (last updated February 26, 2025)
External Control of Assumed-Immutable Web Parameter vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Manipulating Hidden Fields.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3.
0
Attacker Value
Unknown

CVE-2024-32720

Disclosure Date: May 17, 2024 (last updated February 26, 2025)
Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Appointment Hour Booking allows Removing Important Client Functionality.This issue affects Appointment Hour Booking: from n/a through 1.4.56.
0
Attacker Value
Unknown

CVE-2024-4294

Disclosure Date: April 27, 2024 (last updated March 11, 2025)
A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this issue is some unknown functionality of the file /doctor/view-appointment-detail.php. The manipulation of the argument editid leads to improper control of resource identifiers. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-262226 is the identifier assigned to this vulnerability.
Attacker Value
Unknown

CVE-2024-4293

Disclosure Date: April 27, 2024 (last updated February 28, 2025)
A vulnerability classified as problematic was found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file appointment-bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-262225 was assigned to this vulnerability.
Attacker Value
Unknown

CVE-2024-32454

Disclosure Date: April 15, 2024 (last updated February 26, 2025)
Server-Side Request Forgery (SSRF) vulnerability in Wappointment Appointment Bookings for Zoom GoogleMeet and more – Wappointment.This issue affects Appointment Bookings for Zoom GoogleMeet and more – Wappointment: from n/a through 2.6.0.
0
Attacker Value
Unknown

CVE-2024-30561

Disclosure Date: March 31, 2024 (last updated February 26, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scientech It Solution Appointment Calendar allows Reflected XSS.This issue affects Appointment Calendar: from n/a through 2.9.6.
0
Attacker Value
Unknown

CVE-2024-0856

Disclosure Date: March 20, 2024 (last updated April 02, 2024)
The Appointment Booking Calendar WordPress plugin before 1.3.83 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks such as adding a booking to the calendar without paying.
0
Attacker Value
Unknown

CVE-2023-49173

Disclosure Date: December 14, 2023 (last updated February 25, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10to8 Sign In Scheduling Online Appointment Booking System allows Stored XSS.This issue affects Sign In Scheduling Online Appointment Booking System: from n/a through 1.0.9.
Attacker Value
Unknown

CVE-2023-48841

Disclosure Date: December 07, 2023 (last updated February 25, 2025)
Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language > Labels > Export action.