36 matches found

RedhatCVE
added 2025/05/22 8:10 p.m. 4 views

CVE-2021-3874

bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal'...

6.5 CVSS, 6.8 AI score, 0.00378 EPSS
Exploits 1, References 1

RedhatCVE
added 2025/05/22 8:6 p.m. 5 views

CVE-2021-3768

bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

5.4 CVSS, 6.8 AI score, 0.00181 EPSS
Exploits 1, References 1

RedhatCVE
added 2025/05/22 7:41 p.m. 4 views

CVE-2021-4119

bookstack is vulnerable to Improper Access Control...

9.8 CVSS, 6.7 AI score, 0.00425 EPSS
Exploits 1

RedhatCVE
added 2025/05/22 7:27 p.m. 4 views

CVE-2021-3758

bookstack is vulnerable to Server-Side Request Forgery SSRF...

6.5 CVSS, 6.9 AI score, 0.0024 EPSS
Exploits 1, References 1

RedhatCVE
added 2025/05/22 6:48 p.m. 5 views

CVE-2021-4194

bookstack is vulnerable to Improper Access Control...

6.5 CVSS, 6.8 AI score, 0.0016 EPSS
Exploits 1

RedhatCVE
added 2025/02/05 3:38 p.m. 6 views

CVE-2020-5256

BookStack before version 0.25.5 has a vulnerability where a user could upload PHP files through image upload functions, which would allow them to execute code on the host system remotely. They would then have the permissions of the PHP process. This most impacts scenarios where non-trusted users...

9 CVSS, 7.1 AI score, 0.00675 EPSS
Exploits 0

RedhatCVE
added 2025/02/05 1:39 p.m. 9 views

CVE-2020-26210

In BookStack before version 0.30.4, a user with permissions to edit a page could add an attached link which would execute untrusted JavaScript code when clicked by a viewer of the page. Dangerous content may remain in the database after this update. If you think this could have been exploited the...

8.7 CVSS, 7.3 AI score, 0.00432 EPSS
Exploits 1

CVE
added 2024/07/09 12:0 a.m. 162 views

CVE-2024-36676

The CVE-2024-36676 entry concerns BookStack prior to v24.05.1, where an incorrect access control flaw allows an attacker to confirm existing system users and trigger a targeted notification email DoS via public-facing forms. The vulnerability is documented in multiple sources (e.g., BookStack rel...

7.5 CVSS, 7 AI score, 0.00229 EPSS
Exploits 0, References 3

Vulnrichment
added 2022/10/24 12:0 a.m. 3 views

CVE-2022-40690

Cross-site scripting vulnerability in BookStack versions prior to v22.09 allows a remote authenticated attacker to inject an arbitrary script...

5.2 AI score, 0.00373 EPSS
Exploits 0, References 3

Cvelist
added 2022/10/24 12:0 a.m. 13 views

CVE-2022-40690

Cross-site scripting vulnerability in BookStack versions prior to v22.09 allows a remote authenticated attacker to inject an arbitrary script...

5.4 AI score, 0.00373 EPSS
Exploits 0, References 3

NVD
added 2022/01/06 6:15 p.m. 11 views

CVE-2021-4194

bookstack is vulnerable to Improper Access Control...

6.5 CVSS, 0.0016 EPSS
Exploits 1, References 2

Prion
added 2021/12/02 5:15 p.m. 16 views

Cross site request forgery (csrf)

bookstack is vulnerable to Cross-Site Request Forgery CSRF...

4 CVSS, 6.7 AI score, 0.00068 EPSS
Exploits 1, References 2, Affected Software 1

OSV
added 2021/12/01 6:26 p.m. 12 views

GHSA-JM6P-WFJG-XM7X bookstack is vulnerable to Improper Access Control

bookstack is vulnerable to Improper Access Control...

4.3 CVSS, 4.4 AI score, 0.00215 EPSS
Exploits 1, References 5

NVD
added 2021/11/30 8:15 p.m. 7 views

CVE-2021-4026

bookstack is vulnerable to Improper Access Control...

6.5 CVSS, 0.00215 EPSS
Exploits 1, References 2

CNNVD
added 2021/10/27 12:0 a.m. 2 views

BookStack code issue vulnerability

BookStack is an open source platform for building wiki documents using PHP and Laravel from the BookStackApp Bookstackapp team. A code issue vulnerability exists in bookstack that stems from bookstack's susceptibility to unlimited uploads of dangerous types of files...

6.5 CVSS, 6.1 AI score, 0.00229 EPSS
Exploits 1, References 3

Prion
added 2021/09/06 12:15 p.m. 12 views

Cross site scripting

bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

3.5 CVSS, 5.4 AI score, 0.00261 EPSS
Exploits 1, References 2, Affected Software 1