
8 matches found

Positive Technologies
added 2022/08/19 12:0 a.m. · 2 views

PT-2022-22252 · Mealie · Mealie

Name of the Vulnerable Software and Affected Versions: Mealie version 1.0.0beta3
Description: The issue allows attackers to perform a man-in-the-middle attack via a crafted GET request, as download tokens are not terminated after a user logs out.
Recommendations: For Mealie version 1.0.0beta3, as...

9.8 CVSS · 5.6 AI score · 0.0064 EPSS
Exploits 0 · References 6

Positive Technologies
added 2022/08/19 12:0 a.m. · 2 views

PT-2022-22250 · Mealie · Mealie

Name of the Vulnerable Software and Affected Versions: Mealie version 1.0.0beta3
Description: The issue allows attackers to modify user passwords and other attributes via modification of the user id parameter. This is due to an Insecure Direct Object Reference (IDOR) vulnerability.
Recommendations:...

9.8 CVSS · 5.6 AI score · 0.0064 EPSS
Exploits 0 · References 8

CNNVD
added 2022/08/19 12:0 a.m. · 0 views

Mealie security vulnerability

Mealie is a self-hosted recipe manager and meal planner by Hayden Individual Developers in the United States. A security vulnerability exists in Mealie version 1.0.0beta3, which stems from the use of weak passwords, allowing an attacker to gain unauthorized access to the application via a brute...

9.8 CVSS · 6.5 AI score · 0.0064 EPSS
Exploits 0 · References 5

OSV
added 2022/08/02 3:15 p.m. · 2 views

CVE-2022-34613

Mealie 1.0.0beta3 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file...

9.8 CVSS · 6.6 AI score · 0.01769 EPSS
Exploits 3 · References 4

Positive Technologies
added 2022/08/02 12:0 a.m. · 2 views

PT-2022-22245 · Mealie · Mealie

Name of the Vulnerable Software and Affected Versions: Mealie version 1.0.0beta3
Description: The issue allows attackers to execute arbitrary code via a crafted file, exploiting an arbitrary file upload vulnerability.
Recommendations: For Mealie version 1.0.0beta3, as a temporary workaround,...

9.8 CVSS · 6.3 AI score · 0.01769 EPSS
Exploits 3 · References 7

CNNVD
added 2022/08/02 12:0 a.m. · 1 views

Mealie code injection vulnerability

Mealie is a self-hosted recipe manager and meal planner by an individual developer in Hayden, USA. A code injection vulnerability exists in Mealie version 1.0.0beta3. An attacker can exploit this vulnerability to execute arbitrary code via a specially crafted Jinja2 template...

7.2 CVSS · 7.7 AI score · 0.0102 EPSS
Exploits 1 · References 6

Positive Technologies
added 2022/08/02 12:0 a.m. · 2 views

PT-2022-22247 · Mealie · Mealie

Name of the Vulnerable Software and Affected Versions: Mealie version 1.0.0beta3
Description: A stored cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the recipe description text field. This enables the execution of...

9.8 CVSS · 5.6 AI score · 0.01769 EPSS
Exploits 3 · References 8

CNNVD
added 2022/08/02 12:0 a.m. · 19 views

Mealie cross-site scripting vulnerability

Mealie is a self-hosted recipe manager and meal planner by an individual developer in Hayden, USA. A cross-site scripting vulnerability exists in Mealie version 1.0.0beta3. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected...

5.4 CVSS · 6.5 AI score · 0.00562 EPSS
Exploits 1 · References 6