| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-2262 | Easy Appointments <= 3.12.21 - Unauthenticated Sensitive Information Exposure via REST API | easyappointments | Easy Appointments | High | 7.5 | 2026-04-17 23:26:49 | Deep Dive |
| CVE-2026-23622 | CSRF Protection Bypass: Sensitive endpoints accept GET requests, enabling admin account takeover | alextselegidis | easyappointments | - | - | 2026-01-15 19:28:58 | Deep Dive |
| CVE-2023-3288 | A BOLA vulnerability in POST /providers in EasyAppointments < 1.5.0 | - | easyappointments | High | 8.5 | 2024-07-09 10:30:33 | Deep Dive |
| CVE-2023-38055 | A BOLA vulnerability in GET, PUT, DELETE /services/{serviceId} in EasyAppointments < 1.5.0 | - | easyappointments | Critical | 9.6 | 2024-07-09 10:29:44 | Deep Dive |
| CVE-2023-38054 | A BOLA vulnerability in GET, PUT, DELETE /customers/{customerId} in EasyAppointments < 1.5.0 | - | easyappointments | Critical | 9.9 | 2024-07-09 10:29:10 | Deep Dive |
| CVE-2023-38053 | A BOLA vulnerability in GET, PUT, DELETE /settings/{settingName} in EasyAppointments < 1.5.0 | - | easyappointments | Critical | 9.9 | 2024-07-09 10:28:34 | Deep Dive |
| CVE-2023-38052 | A BOLA vulnerability in GET, PUT, DELETE /admins/{adminId} in EasyAppointments < 1.5.0 | - | easyappointments | Critical | 9.9 | 2024-07-09 10:27:52 | Deep Dive |
| CVE-2023-38051 | A BOLA vulnerability in GET, PUT, DELETE /secretaries/{secretaryId} in EasyAppointments < 1.5.0 | - | easyappointments | Critical | 9.9 | 2024-07-09 10:27:20 | Deep Dive |
| CVE-2023-38050 | A BOLA vulnerability in GET, PUT, DELETE /webhooks/{webhookId} in EasyAppointments < 1.5.0 | - | easyappointments | Critical | 9.1 | 2024-07-09 10:26:46 | Deep Dive |
| CVE-2023-38049 | A BOLA vulnerability in GET, PUT, DELETE /appointments/{appointmentId} in EasyAppointments < 1.5.0 | - | easyappointments | Critical | 9.9 | 2024-07-09 10:26:17 | Deep Dive |
| CVE-2023-38048 | A BOLA vulnerability in GET, PUT, DELETE /providers/{providerId} in EasyAppointments < 1.5.0 | - | easyappointments | Critical | 9.9 | 2024-07-09 10:25:44 | Deep Dive |
| CVE-2023-38047 | A BOLA vulnerability in GET, PUT, DELETE /categories/{categoryId} in EasyAppointments < 1.5.0. | - | easyappointments | High | 8.5 | 2024-07-09 10:25:16 | Deep Dive |
| CVE-2023-3289 | A BOLA vulnerability in POST /services in EasyAppointments < 1.5.0 | - | easyappointments | High | 7.7 | 2024-07-09 10:24:13 | Deep Dive |
| CVE-2023-3290 | A BOLA vulnerability in POST /customers in EasyAppointments < 1.5.0 | - | easyappointments | Medium | 5.0 | 2024-07-09 10:23:21 | Deep Dive |
| CVE-2023-3286 | A BOLA vulnerability in POST /secretaries in EasyAppointments < 1.5.0 | - | easyappointments | High | 7.7 | 2024-07-09 10:20:20 | Deep Dive |
| CVE-2023-3287 | A BOLA vulnerability in POST /admins in EasyAppointments < 1.5.0 | - | easyappointments | Critical | 9.9 | 2024-07-09 10:17:37 | Deep Dive |
| CVE-2023-3285 | A BOLA vulnerability in POST /appointments in EasyAppointments < 1.5.0 | - | easyappointments | High | 7.7 | 2024-07-09 09:37:24 | Deep Dive |
| CVE-2023-3700 | Authorization Bypass Through User-Controlled Key in alextselegidis/easyappointments | alextselegidis | alextselegidis/easyappointments | Medium | 6.3 | 2023-07-17 06:16:22 | Deep Dive |
| CVE-2023-3568 | Open Redirect in alextselegidis/easyappointments | alextselegidis | alextselegidis/easyappointments | Medium | 6.3 | 2023-07-10 07:28:46 | Deep Dive |
| CVE-2023-2105 | Session Fixation in alextselegidis/easyappointments | alextselegidis | alextselegidis/easyappointments | 高危 | - | 2023-04-15 00:00:00 | Deep Dive |