37 matches found
CVE-2026-7713
A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this vulnerability is the function generateauthtoken of the file cps/koboauth.py of the component Kobo auth-token Route. The manipulation results in improper authorization. The attack may be performed fr...
CVE-2026-7713 crocodilestick Calibre-Web-Automated Kobo auth-token Route kobo_auth.py generate_auth_token improper authorization
A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this vulnerability is the function generateauthtoken of the file cps/koboauth.py of the component Kobo auth-token Route. The manipulation results in improper authorization. The attack may be performed fr...
CVE-2026-7713
A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this vulnerability is the function generateauthtoken of the file cps/koboauth.py of the component Kobo auth-token Route. The manipulation results in improper authorization. The attack may be performed fr...
CVE-2026-7713
CVE-2026-7713 affects crocodilestick Calibre-Web-Automated up to 4.0.6. The vulnerable component is the Kobo auth-token Route, specifically the generate_auth_token function in cps/kobo_auth.py, where improper authorization may be exploited remotely. An exploit has been published and publicized. A...
PT-2026-36731
Name of the Vulnerable Software and Affected Versions crocodilestick Calibre-Web-Automated versions prior to 4.0.7 Description An improper authorization issue exists in the Kobo auth-token Route component. A remote attacker can manipulate the generate auth token function within the cps/kobo auth....
Calibre-Web Automated 安全漏洞
Calibre-Web Automated is a self-hosted digital library management tool developed by CrocodileStick’s individual developer. Versions of Calibre-Web Automated prior to 4.0.6 contained security vulnerabilities. These vulnerabilities stemmed from improper authorization in the generateauthtoken functi...
CVE-2026-7709
A vulnerability was identified in janeczku Calibre-Web up to 0.6.26. The impacted element is the function generateauthtoken of the file cps/koboauth.py of the component Endpoint. Such manipulation of the argument userid leads to improper authorization. The attack may be launched remotely. The...
CVE-2026-7709 janeczku Calibre-Web Endpoint kobo_auth.py generate_auth_token improper authorization
A vulnerability was identified in janeczku Calibre-Web up to 0.6.26. The impacted element is the function generateauthtoken of the file cps/koboauth.py of the component Endpoint. Such manipulation of the argument userid leads to improper authorization. The attack may be launched remotely. The...
PT-2026-36726
Name of the Vulnerable Software and Affected Versions janeczku Calibre-Web versions prior to 0.6.27 Description Improper authorization occurs in the Endpoint component due to the manipulation of the user id argument within the generate auth token function located in the cps/kobo auth.py file. Thi...
Calibre-Web 安全漏洞
Calibre-Web is a web application developed by Jan B, designed for browsing, reading, and downloading e-books from the Calibre database. Calibre-Web versions 0.6.26 and earlier contain security vulnerabilities. These vulnerabilities stem from the generateauthtoken function in the Endpoint...
Rewiring Democracy Ebook is on Sale
I just noticed that the ebook version of Rewiring Democracy is on sale for $5 on Amazon, Apple Books, Barnes & Noble, Books A Million, Google Play, Kobo, and presumably everywhere else in the US. I have no idea how long this will last. Also, Amazon has a coupon that brings the hardcover price dow...
EUVD-2015-3066
Malware in sbrugna...
EUVD-2015-3065
Malware in sbrugna...
CVE-2023-41447
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the subcmd parameter in the index.php component...
RM: calibre/buster-backports -- ROM; no security support; bpo10s of a newer version are impossible
Dear Backports admins, I am requesting the removal of calibre from buster-backports, because it has no security support and because newer versions of Calibre depend on a newer Qt version that cannot be backported. I delayed this request until Bullseye was released, so that users would have a...
RM: calibre/buster-backports -- ROM; no security support; bpo10s of a newer version are impossible
Dear Backports admins, I am requesting the removal of calibre from buster-backports, because it has no security support and because newer versions of Calibre depend on a newer Qt version that cannot be backported. I delayed this request until Bullseye was released, so that users would have a...
Updated calibre packages fix security vulnerability
Newer devices like Kobo Aura HD requires newer versions of calibre for their new firmwares. Current calibre package does not support them. Also, our current calibre packages in both core and backports repositories have a security issue CVE-2016-10187. Newer versions of calibre 2.75.0 + fixes this...
MGASA-2017-0047 Updated calibre packages fix security vulnerability
Newer devices like Kobo Aura HD requires newer versions of calibre for their new firmwares. Current calibre package does not support them. Also, our current calibre packages in both core and backports repositories have a security issue CVE-2016-10187. Newer versions of calibre 2.75.0 + fixes this...
Kobo Books - Reading App - Dangerous filesystem permissions, Exported ContentProvider, MIT license vulnerabilities
HackApp vulnerability scanner discovered that application Kobo Books - Reading App published at the 'play' market has multiple vulnerabilities...
PHP Kobo Photo Gallery CMS for PC/smartphone and feature phone Cross Site Scripting Vulnerability
PHP Kobo Photo Gallery CMS for PC, smartphone and feature phone is a photo gallery content management system CMS for PC, smartphone and feature phone from PHP Kobo Japan. A cross-site scripting vulnerability exists in the jquery.lightbox-0.5.min.js file in PHP Kobo Photo Gallery CMS for PC,...