📦 Alf

A race condition vulnerability in alf.io allows attackers to bypass promo code usage limits by exploiting timing gaps between validation and enforcement. This affects all alf.io deployments prior to v...

This vulnerability in alf.io ticket reservation system allows attackers to access email logs from other organizers' events through specially crafted requests. It affects all alf.io installations prior...

This vulnerability allows users who should have been invalidated or deleted to retain access to the admin area in Alf.io event management systems. This affects all Alf.io deployments running vulnerabl...

This vulnerability allows CSV formula injection attacks in alf.io event management software. Attackers can embed malicious formulas in CSV files that execute when opened in spreadsheet applications li...

This CVE describes an authorization bypass vulnerability in alf.io event management software where attackers can manipulate user-controlled keys to access unauthorized resources. It affects all users ...