258 matches found
CVE-2026-7713
A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this vulnerability is the function generateauthtoken of the file cps/koboauth.py of the component Kobo auth-token Route. The manipulation results in improper authorization. The attack may be performed fr...
CVE-2026-7714
A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwafunctions.py of the component Admin Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The...
CVE-2026-7713
A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this vulnerability is the function generateauthtoken of the file cps/koboauth.py of the component Kobo auth-token Route. The manipulation results in improper authorization. The attack may be performed fr...
EUVD-2026-26865
A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwafunctions.py of the component Admin Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The...
CVE-2026-7714 crocodilestick Calibre-Web-Automated Admin Endpoint cwa_functions.py missing authentication
A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwafunctions.py of the component Admin Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The...
CVE-2026-7714
CVE-2026-7714 affects crocodilestick Calibre-Web-Automated (up to version 4.0.6). The vulnerability lies in the Admin Endpoint’s cps/cwa_functions.py, where authentication is missing, enabling a remote attacker to potentially exploit it. Exploit details have been published, and the project was in...
CVE-2026-7714 crocodilestick Calibre-Web-Automated Admin Endpoint cwa_functions.py missing authentication
A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwafunctions.py of the component Admin Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The...
CVE-2026-7714
A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwafunctions.py of the component Admin Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The...
EUVD-2026-26854
A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this vulnerability is the function generateauthtoken of the file cps/koboauth.py of the component Kobo auth-token Route. The manipulation results in improper authorization. The attack may be performed fr...
CVE-2026-7713 crocodilestick Calibre-Web-Automated Kobo auth-token Route kobo_auth.py generate_auth_token improper authorization
A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this vulnerability is the function generateauthtoken of the file cps/koboauth.py of the component Kobo auth-token Route. The manipulation results in improper authorization. The attack may be performed fr...
CVE-2026-7713
CVE-2026-7713 affects crocodilestick Calibre-Web-Automated up to 4.0.6. The vulnerable component is the Kobo auth-token Route, specifically the generate_auth_token function in cps/kobo_auth.py, where improper authorization may be exploited remotely. An exploit has been published and publicized. A...
CVE-2026-7713 crocodilestick Calibre-Web-Automated Kobo auth-token Route kobo_auth.py generate_auth_token improper authorization
A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this vulnerability is the function generateauthtoken of the file cps/koboauth.py of the component Kobo auth-token Route. The manipulation results in improper authorization. The attack may be performed fr...
Calibre-Web Automated 授权问题漏洞
Calibre-Web Automated is a self-hosted digital library management tool developed by CrocodileStick’s individual developer. Versions of Calibre-Web Automated prior to 4.0.6 contained an authorization vulnerability. This vulnerability stemmed from an unknown feature in the Admin Endpoint component’...
PT-2026-36731
Name of the Vulnerable Software and Affected Versions crocodilestick Calibre-Web-Automated versions prior to 4.0.7 Description An improper authorization issue exists in the Kobo auth-token Route component. A remote attacker can manipulate the generate auth token function within the cps/kobo auth....
PT-2026-36742
Name of the Vulnerable Software and Affected Versions crocodilestick Calibre-Web-Automated versions prior to 4.0.7 Description A flaw in the Admin Endpoint component, specifically within the cps/cwa functions.py file, allows for missing authentication. This issue enables a remote attacker to bypa...
Calibre-Web Automated 安全漏洞
Calibre-Web Automated is a self-hosted digital library management tool developed by CrocodileStick’s individual developer. Versions of Calibre-Web Automated prior to 4.0.6 contained security vulnerabilities. These vulnerabilities stemmed from improper authorization in the generateauthtoken functi...
CVE-2026-7709
A vulnerability was identified in janeczku Calibre-Web up to 0.6.26. The impacted element is the function generateauthtoken of the file cps/koboauth.py of the component Endpoint. Such manipulation of the argument userid leads to improper authorization. The attack may be launched remotely. The...
CVE-2026-7709
CVE-2026-7709 affects janeczku Calibre-Web up to 0.6.26. The vulnerable element is the function generate_auth_token in cps/kobo_auth.py of the Endpoint component. The issue stems from manipulation of the argument user_id , causing improper authorization. The vulnerability can be exploited remotel...
CVE-2026-7709 janeczku Calibre-Web Endpoint kobo_auth.py generate_auth_token improper authorization
A vulnerability was identified in janeczku Calibre-Web up to 0.6.26. The impacted element is the function generateauthtoken of the file cps/koboauth.py of the component Endpoint. Such manipulation of the argument userid leads to improper authorization. The attack may be launched remotely. The...
CVE-2026-7709
A vulnerability was identified in janeczku Calibre-Web up to 0.6.26. The impacted element is the function generateauthtoken of the file cps/koboauth.py of the component Endpoint. Such manipulation of the argument userid leads to improper authorization. The attack may be launched remotely. The...