CVE-2022-0273

Improper Access Control in Pypi calibreweb prior to 0.6.16...

SUSE CVE-2006-4168

Integer overflow in the exifdataloaddataentry function in libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to cause a denial of service application crash or execute arbitrary code via an image with many EXIF components, which triggers a heap-based buffer overflow...

PT-2022-13159 · Unknown · Janeczku/Calibre-Web

Name of the Vulnerable Software and Affected Versions: janeczku/calibre-web versions prior to 0.6.16 Description: The issue is related to improper access control in the janeczku/calibre-web GitHub repository. Recommendations: For versions prior to 0.6.16, update to version 0.6.16 or later to...

CVE-2022-0352

Cross-site Scripting XSS - Reflected in Pypi calibreweb prior to 0.6.16...

PYSEC-2022-18

Cross-site Scripting XSS - Reflected in Pypi calibreweb prior to 0.6.16...

Calibre-Web 跨站脚本漏洞

Calibre-Web is a web application for browsing, reading and downloading eBooks from the Calibre database. A security vulnerability exists in Calibre-Web before 0.6.16, which stems from the WEB application's lack of proper validation of client-side data. An attacker could exploit the vulnerability ...