Filtered by vendor Peppermint
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-46863 | 1 Peppermint | 1 Peppermint | 2024-09-09 | 7.5 High |
| Peppermint Ticket Management before 0.2.4 allows remote attackers to read arbitrary files via a /api/v1/users/file/download?filepath=./../ POST request. | ||||
| CVE-2023-46864 | 1 Peppermint | 1 Peppermint | 2024-09-09 | 5.3 Medium |
| Peppermint Ticket Management through 0.2.4 allows remote attackers to read arbitrary files via a /api/v1/ticket/1/file/download?filepath=../ POST request. | ||||
| CVE-2023-42328 | 1 Peppermint | 1 Peppermint | 2024-08-02 | 8.8 High |
| An issue in PeppermintLabs Peppermint v.0.2.4 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the hardcoded session cookie. | ||||
| CVE-2023-26984 | 1 Peppermint | 1 Peppermint | 2024-08-02 | 8.1 High |
| An issue in the password reset function of Peppermint v0.2.4 allows attackers to access the emails and passwords of the Tickets page via a crafted request. | ||||
Page 1 of 1.