273 matches found
Server side request forgery (ssrf)
Server-Side Request Forgery SSRF in GitHub repository janeczku/calibre-web prior to 0.6.18...
CVE-2022-0990
Calibre-Web (janeczku/calibre-web) is affected by a Server-Side Request Forgery (SSRF) vulnerability disclosed as CVE-2022-0990 in versions before 0.6.18. The issue is evidenced across multiple sources (NVD, Red Hat, Veracode, Huntr, CVE listings) describing SSRF in this project. Veracode notes t...
CVE-2022-0990 Server-Side Request Forgery (SSRF) in janeczku/calibre-web
Server-Side Request Forgery SSRF in GitHub repository janeczku/calibre-web prior to 0.6.18...
CVE-2022-0990 Server-Side Request Forgery (SSRF) in janeczku/calibre-web
Server-Side Request Forgery SSRF in GitHub repository janeczku/calibre-web prior to 0.6.18...
CVE-2022-0939
Server-Side Request Forgery SSRF in GitHub repository janeczku/calibre-web prior to 0.6.18...
CVE-2022-0939
Server-Side Request Forgery SSRF in GitHub repository janeczku/calibre-web prior to 0.6.18...
Server side request forgery (ssrf)
Server-Side Request Forgery SSRF in GitHub repository janeczku/calibre-web prior to 0.6.18...
CVE-2022-0939
CVE-2022-0939 affects Calibre-Web (janeczku/calibre-web) before 0.6.18. It is a Server-Side Request Forgery (SSRF) vulnerability, with multiple sources confirming an SSRF issue in this project prior to 0.6.18. Reported impacts include the ability for an attacker to induce the server to fetch reso...
CVE-2022-0939 Server-Side Request Forgery (SSRF) in janeczku/calibre-web
Server-Side Request Forgery SSRF in GitHub repository janeczku/calibre-web prior to 0.6.18...
CVE-2022-0939 Server-Side Request Forgery (SSRF) in janeczku/calibre-web
Server-Side Request Forgery SSRF in GitHub repository janeczku/calibre-web prior to 0.6.18...
PT-2022-13540 · Unknown · Calibre-Web
Name of the Vulnerable Software and Affected Versions: calibre-web versions prior to 0.6.18 Description: The issue is related to Server-Side Request Forgery SSRF in the GitHub repository janeczku/calibre-web. SSRF is a type of attack where an attacker can trick a server into making requests to...
Calibre-Web 代码问题漏洞
Calibre-Web is a web application for browsing, reading and downloading eBooks from the Calibre database. A code issue vulnerability exists in Calibre-Web versions prior to 0.6.18. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor's...
PT-2022-13575 · Unknown · Calibre-Web
Name of the Vulnerable Software and Affected Versions: calibre-web versions prior to 0.6.18 Description: The issue is related to Server-Side Request Forgery SSRF in the GitHub repository janeczku/calibre-web. SSRF is a type of attack where an attacker can trick a server into making requests to...
Calibre-Web 代码问题漏洞
Calibre-Web is a web application for browsing, reading and downloading eBooks from the Calibre database. A code issue vulnerability exists in Calibre-Web 0.6.18, no information about this vulnerability is available at this time, please stay tuned to CNNVD or vendor announcements...
CVE-2022-0406
Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16...
CVE-2022-0405
Improper Access Control in GitHub repository janeczku/calibre-web prior to 0.6.16...
CVE-2022-0406
Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16...
Authorization
Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16...
CVE-2022-0406 Improper Authorization in janeczku/calibre-web
Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16...
CVE-2022-0406
CVE-2022-0406 affects janeczku/calibre-web (Calibre-Web) prior to 0.6.16, with an improper authorization flaw in shelf order handling. The root cause cited: shelf.py order_shelf path does not verify user permissions before processing POST data, allowing low-privilege users to edit the sort order ...