GCVE - cpe:2.3:a:n/a:monicahq:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:monicahq:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Monicahq (`ce9f5d91-20df-5d5c-91b8-b6792a7cd2c9`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-30790`	vulnerable	2026-06-08 06:04:41.150283	Details available MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/relationships` endpoint and first_name and last_name parameter. Published: 2023-05-08T00:00:00.000Z Updated: 2025-02-03T19:59:00.510Z Open on db.gcve.eu Reference links https://fluidattacks.com/advisories/napoli https://www.monicahq.com/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-30789`	vulnerable	2026-06-08 06:04:41.149747	Details available MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/work` endpoint and job and company parameter. Published: 2023-05-08T00:00:00.000Z Updated: 2025-02-03T19:55:01.931Z Open on db.gcve.eu Reference links https://fluidattacks.com/advisories/napoli https://www.monicahq.com/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-30788`	vulnerable	2026-06-08 06:04:41.149274	Details available MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people/add` endpoint and nickName, description, lastName, middleName and firstName parameter. Published: 2023-05-08T00:00:00.000Z Updated: 2025-02-04T19:11:04.109Z Open on db.gcve.eu Reference links https://fluidattacks.com/advisories/napoli https://www.monicahq.com/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-30787`	vulnerable	2026-06-08 06:04:41.147633	Details available MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/introductions` endpoint and first_met_additional_info parameter. Published: 2023-05-08T00:00:00.000Z Updated: 2025-02-03T19:05:57.976Z Open on db.gcve.eu Reference links https://fluidattacks.com/advisories/napoli https://www.monicahq.com/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-1094`	vulnerable	2026-06-08 05:52:33.821221	Details available MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/food` endpoint and food parameter. Published: 2023-05-08T00:00:00.000Z Updated: 2025-01-29T16:18:42.852Z Open on db.gcve.eu Reference links https://fluidattacks.com/advisories/napoli https://www.monicahq.com/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-1031`	vulnerable	2026-06-08 05:52:33.666624	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.