Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Missing Authorization vulnerability in DOTonPAPER Pinpoint Booking System booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pinpoint Booking Sys
A security issue was identified in Pavilion due to improper authorization enforcement in API endpoints. This vulnerability can allow an unauthorized actor to execute privileged operations, including u
Missing Authorization vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salon booking
Missing Authorization vulnerability in Team Heateor Super Socializer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Socializer: from n/a through 7.13.
Missing Authorization vulnerability in Webba Appointment Booking Webba Booking webba-booking-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Webba Booki
Missing Authorization vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This
Missing Authorization vulnerability in TuriTop TuriTop Booking System turitop-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TuriTop Booking
Missing Authorization vulnerability in Roland Murg WP Booking System wp-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Booking System: fro
Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects F
Incorrect execution-assigned permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installer before version 23.1.1 may allow an authenticated user to potentially enable escalat
Missing Authorization vulnerability in CodePeople CP Multi View Event Calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CP Multi View Event Calendar
Apache Airflow 2.4.0, and versions before 2.9.3, has a vulnerability that allows authenticated DAG authors to craft a doc_md parameter in a way that could execute arbitrary code in the scheduler conte
A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1. It has been classified as problematic. Affected is an unknown function of the component HTTP Response H
Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security
Missing Authorization vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through <= 1.8.2.
A host header injection vulnerability in scheduleR v0.0.18 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This allows attackers to arbitra
Missing Authorization vulnerability in Ninja Team Filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through 5.1.4.
Authorization Bypass Through User-Controlled Key vulnerability in SimpleCalendar Google Calendar Events google-calendar-events allows Exploiting Incorrectly Configured Access Control Security Levels.T
Missing Authorization vulnerability in Drupal Bookable Calendar allows Forceful Browsing.This issue affects Bookable Calendar: from 0.0.0 before 2.2.13.