Calibre-Web 访问控制错误漏洞

Calibre-Web is a web application for browsing, reading, and downloading eBooks from the Calibre database by Jan B, an individual developer. An access control error vulnerability exists in Calibre-Web that stems from the createshelf method in shelf.py not verifying that a user has the required...

Insecure direct object references in `create-shelf` function

Description Insecure direct object references in create-shelf function allows one user to create a shelf on behalf of another. Proof of Concept POST /create-shelf HTTP/2 Host: book.dansmonorage.blue Cookie: csrftoken=ZpIuGbCcxOyhta5bki4N46N7vknEAcpaG3881kcMAfWKBEYKEiLEeSc3Sr4lUTVa;...

Improper Access Control in janeczku/calibre-web

Description Although a user has no permissions about public shelves, he can create them. Proof of Concept The method createshelf at shelf.py does not check if the user has public shelf permissions for create it. @shelf.route"/shelf/create", methods="GET", "POST" @loginrequired def createshelf:...