Search
Find a vulnerability
Search criteria
5 vulnerabilities by Twinkle Toes Software
CVE-2020-37077 (GCVE-0-2020-37077)
Vulnerability from nvd – Published: 2026-02-03 22:01 – Updated: 2026-02-04 16:08
VLAI
Title
Booked Scheduler 2.7.7 - Authenticated Directory Traversal
Summary
Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manage_email_templates.php script that allows authenticated administrators to access unauthorized files. Attackers can exploit the vulnerable 'tn' parameter to read files outside the intended directory by manipulating directory path traversal techniques.
Severity
6.5 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/48428 | exploit |
| https://www.bookedscheduler.com | product |
| https://web.archive.org/web/20190612055926/https:… | product |
| https://www.vulncheck.com/advisories/booked-sched… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Twinkle Toes Software | Booked Scheduler |
Affected:
2.7.7
|
Date Public
2020-05-03 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-37077",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T16:08:37.407072Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:08:47.398Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Booked Scheduler",
"vendor": "Twinkle Toes Software",
"versions": [
{
"status": "affected",
"version": "2.7.7"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Besim ALTINOK"
}
],
"datePublic": "2020-05-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manage_email_templates.php script that allows authenticated administrators to access unauthorized files. Attackers can exploit the vulnerable \u0027tn\u0027 parameter to read files outside the intended directory by manipulating directory path traversal techniques."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T22:01:44.235Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-48428",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/48428"
},
{
"name": "Booked Scheduler Official Website",
"tags": [
"product"
],
"url": "https://www.bookedscheduler.com"
},
{
"name": "Archived Booked Scheduler SourceForge Page",
"tags": [
"product"
],
"url": "https://web.archive.org/web/20190612055926/https://sourceforge.net/projects/phpscheduleit/"
},
{
"name": "VulnCheck Advisory: Booked Scheduler 2.7.7 - Authenticated Directory Traversal",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/booked-scheduler-authenticated-directory-traversal"
}
],
"title": "Booked Scheduler 2.7.7 - Authenticated Directory Traversal",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2020-37077",
"datePublished": "2026-02-03T22:01:44.235Z",
"dateReserved": "2026-02-01T13:16:06.485Z",
"dateUpdated": "2026-02-04T16:08:47.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-30706 (GCVE-0-2022-30706)
Vulnerability from nvd – Published: 2022-07-26 05:10 – Updated: 2024-08-03 06:56
VLAI
Summary
Open redirect vulnerability in Booked versions prior to 3.3 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.
Severity
No CVSS data available.
CWE
- Open Redirect
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.bookedscheduler.com/ | x_refsource_MISC |
| https://jvn.jp/en/jp/JVN75063798/ | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Twinkle Toes Software | Booked |
Affected:
versions prior to 3.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:56:13.751Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bookedscheduler.com/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN75063798/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Booked",
"vendor": "Twinkle Toes Software",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in Booked versions prior to 3.3 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Open Redirect",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-26T05:10:14.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bookedscheduler.com/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN75063798/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-30706",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Booked",
"version": {
"version_data": [
{
"version_value": "versions prior to 3.3"
}
]
}
}
]
},
"vendor_name": "Twinkle Toes Software"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in Booked versions prior to 3.3 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Open Redirect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.bookedscheduler.com/",
"refsource": "MISC",
"url": "https://www.bookedscheduler.com/"
},
{
"name": "https://jvn.jp/en/jp/JVN75063798/",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN75063798/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-30706",
"datePublished": "2022-07-26T05:10:14.000Z",
"dateReserved": "2022-07-19T00:00:00.000Z",
"dateUpdated": "2024-08-03T06:56:13.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-37077 (GCVE-0-2020-37077)
Vulnerability from cvelistv5 – Published: 2026-02-03 22:01 – Updated: 2026-02-04 16:08
VLAI
Title
Booked Scheduler 2.7.7 - Authenticated Directory Traversal
Summary
Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manage_email_templates.php script that allows authenticated administrators to access unauthorized files. Attackers can exploit the vulnerable 'tn' parameter to read files outside the intended directory by manipulating directory path traversal techniques.
Severity
6.5 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/48428 | exploit |
| https://www.bookedscheduler.com | product |
| https://web.archive.org/web/20190612055926/https:… | product |
| https://www.vulncheck.com/advisories/booked-sched… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Twinkle Toes Software | Booked Scheduler |
Affected:
2.7.7
|
Date Public
2020-05-03 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-37077",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T16:08:37.407072Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:08:47.398Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Booked Scheduler",
"vendor": "Twinkle Toes Software",
"versions": [
{
"status": "affected",
"version": "2.7.7"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Besim ALTINOK"
}
],
"datePublic": "2020-05-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manage_email_templates.php script that allows authenticated administrators to access unauthorized files. Attackers can exploit the vulnerable \u0027tn\u0027 parameter to read files outside the intended directory by manipulating directory path traversal techniques."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T22:01:44.235Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-48428",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/48428"
},
{
"name": "Booked Scheduler Official Website",
"tags": [
"product"
],
"url": "https://www.bookedscheduler.com"
},
{
"name": "Archived Booked Scheduler SourceForge Page",
"tags": [
"product"
],
"url": "https://web.archive.org/web/20190612055926/https://sourceforge.net/projects/phpscheduleit/"
},
{
"name": "VulnCheck Advisory: Booked Scheduler 2.7.7 - Authenticated Directory Traversal",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/booked-scheduler-authenticated-directory-traversal"
}
],
"title": "Booked Scheduler 2.7.7 - Authenticated Directory Traversal",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2020-37077",
"datePublished": "2026-02-03T22:01:44.235Z",
"dateReserved": "2026-02-01T13:16:06.485Z",
"dateUpdated": "2026-02-04T16:08:47.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-30706 (GCVE-0-2022-30706)
Vulnerability from cvelistv5 – Published: 2022-07-26 05:10 – Updated: 2024-08-03 06:56
VLAI
Summary
Open redirect vulnerability in Booked versions prior to 3.3 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.
Severity
No CVSS data available.
CWE
- Open Redirect
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.bookedscheduler.com/ | x_refsource_MISC |
| https://jvn.jp/en/jp/JVN75063798/ | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Twinkle Toes Software | Booked |
Affected:
versions prior to 3.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:56:13.751Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bookedscheduler.com/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN75063798/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Booked",
"vendor": "Twinkle Toes Software",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in Booked versions prior to 3.3 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Open Redirect",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-26T05:10:14.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bookedscheduler.com/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN75063798/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-30706",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Booked",
"version": {
"version_data": [
{
"version_value": "versions prior to 3.3"
}
]
}
}
]
},
"vendor_name": "Twinkle Toes Software"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in Booked versions prior to 3.3 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Open Redirect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.bookedscheduler.com/",
"refsource": "MISC",
"url": "https://www.bookedscheduler.com/"
},
{
"name": "https://jvn.jp/en/jp/JVN75063798/",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN75063798/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-30706",
"datePublished": "2022-07-26T05:10:14.000Z",
"dateReserved": "2022-07-19T00:00:00.000Z",
"dateUpdated": "2024-08-03T06:56:13.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
JVNDB-2022-000055
Vulnerability from jvndb - Published: 2022-07-22 13:40 - Updated:2024-06-14 17:43
Severity
Summary
Booked vulnerable to open redirect
Details
Booked provided by Twinkle Toes Software contains an open redirect vulnerability (CWE-601).
Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-000055.html",
"dc:date": "2024-06-14T17:43+09:00",
"dcterms:issued": "2022-07-22T13:40+09:00",
"dcterms:modified": "2024-06-14T17:43+09:00",
"description": "Booked provided by Twinkle Toes Software contains an open redirect vulnerability (CWE-601).\r\n\r\nYuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-000055.html",
"sec:cpe": {
"#text": "cpe:/a:twinkletoessoftware:booked",
"@product": "Booked",
"@vendor": "Twinkle Toes Software",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "2.6",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
{
"@score": "4.7",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2022-000055",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN75063798/index.html",
"@id": "JVN#75063798",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2022-30706",
"@id": "CVE-2022-30706",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-30706",
"@id": "CVE-2022-30706",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Booked vulnerable to open redirect"
}