Lucene search

K

Publify Security Vulnerabilities

cve
cve

CVE-2023-0569

Weak Password Requirements in GitHub repository publify/publify prior to...

6.5CVSS

6.8AI Score

0.001EPSS

2023-01-29 05:15 PM
54
cve
cve

CVE-2023-0299

Improper Input Validation in GitHub repository publify/publify prior to...

9.8CVSS

9.1AI Score

0.001EPSS

2023-01-14 03:15 PM
32
cve
cve

CVE-2022-2815

Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to...

6.5CVSS

6.3AI Score

0.001EPSS

2023-01-14 02:15 PM
30
cve
cve

CVE-2022-1812

Integer Overflow or Wraparound in GitHub repository publify/publify prior to...

9.8CVSS

9.4AI Score

0.002EPSS

2023-01-14 02:15 PM
36
cve
cve

CVE-2022-1811

Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to...

5.4CVSS

5.3AI Score

0.001EPSS

2022-05-23 04:16 PM
77
4
cve
cve

CVE-2022-1810

Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to...

4.3CVSS

4.5AI Score

0.001EPSS

2022-05-23 12:16 PM
60
4
cve
cve

CVE-2022-1553

Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify website, compromising confidentiality and...

4.9CVSS

5AI Score

0.001EPSS

2022-05-16 03:15 PM
74
3
cve
cve

CVE-2022-0574

Improper Access Control in GitHub repository publify/publify prior to...

6.5CVSS

6.3AI Score

0.001EPSS

2022-05-16 03:15 PM
69
4
cve
cve

CVE-2022-0578

Code Injection in GitHub repository publify/publify prior to...

6.5CVSS

6.6AI Score

0.001EPSS

2022-05-16 03:15 PM
68
4
cve
cve

CVE-2022-0524

Business Logic Errors in GitHub repository publify/publify prior to...

7.5CVSS

7.4AI Score

0.001EPSS

2022-02-08 10:15 PM
51
cve
cve

CVE-2021-25975

In publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS as a result of an unrestricted file upload. This issue allows a user with “publisher” role to inject malicious JavaScript via the uploaded html...

5.4CVSS

5AI Score

0.001EPSS

2021-11-10 11:15 AM
41
cve
cve

CVE-2021-25974

In Publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS. A user with a “publisher” role is able to inject and execute arbitrary JavaScript code while creating a...

5.4CVSS

5.7AI Score

0.001EPSS

2021-11-10 11:15 AM
38
cve
cve

CVE-2021-25973

In Publify, 9.0.0.pre1 to 9.2.4 are vulnerable to Improper Access Control. “guest” role users can self-register even when the admin does not allow. This happens due to front-end restriction...

6.5CVSS

6.3AI Score

0.001EPSS

2021-11-02 07:15 AM
50
2
cve
cve

CVE-2014-3211

Publify before 8.0.1 is vulnerable to a Denial of Service...

7.5CVSS

7.4AI Score

0.001EPSS

2020-01-09 02:15 PM
29