Filtered by vendor Mecodia
Subscriptions
Filtered by product Feripro
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-41519 | 1 Mecodia | 1 Feripro | 2024-10-30 | 5.4 Medium |
Feripro <= v2.2.3 is vulnerable to Cross Site Scripting (XSS) via "/admin/programm/<program_id>/zuordnung/veranstaltungen/<event_id>" through the "school" input field. | ||||
CVE-2024-41517 | 1 Mecodia | 1 Feripro | 2024-10-29 | 5.3 Medium |
An Incorrect Access Control vulnerability in "/admin/benutzer/institution/rechteverwaltung/uebersicht" in Feripro <= v2.2.3 allows remote attackers to get a list of all users and their corresponding privileges. | ||||
CVE-2024-41518 | 2 Feripro, Mecodia | 2 Feripro, Feripro | 2024-09-03 | 7.5 High |
An Incorrect Access Control vulnerability in "/admin/programm/<program_id>/export/statistics" in Feripro <= v2.2.3 allows remote attackers to export an XLSX file with information about registrations and participants. |
Page 1 of 1.