Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
calibre-web project calibre-web vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-2106
Weak Password Requirements in GitHub repository janeczku/calibre-web before 0.6.20.
Calibre-web Project Calibre-web
7.5
CVSSv2
CVE-2022-0766
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web before 0.6.17.
Calibre-web Project Calibre-web
7.5
CVSSv2
CVE-2022-0767
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web before 0.6.17.
Calibre-web Project Calibre-web
NA
CVE-2022-2525
Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web before 0.6.20.
Calibre-web Project Calibre-web
3.5
CVSSv2
CVE-2021-25964
In “Calibre-web” application, v0.6.0 to v0.6.12, are vulnerable to Stored XSS in “Metadata”. An attacker that has access to edit the metadata information, can inject JavaScript payload in the description field. When a victim tries to open the file, XSS wil...
Calibre-web Project Calibre-web
6.8
CVSSv2
CVE-2021-25965
In Calibre-web, versions 0.6.0 to 0.6.13 are vulnerable to Cross-Site Request Forgery (CSRF). By luring an authenticated user to click on a link, an attacker can create a new user role with admin privileges and attacker-controlled credentials, allowing them to take over the appli...
Calibre-web Project Calibre-web
4
CVSSv2
CVE-2022-0273
Improper Access Control in Pypi calibreweb before 0.6.16.
Calibre-web Project Calibre-web
6.8
CVSSv2
CVE-2021-4164
calibre-web is vulnerable to Cross-Site Request Forgery (CSRF)
Calibre-web Project Calibre-web
4.3
CVSSv2
CVE-2022-0352
Cross-site Scripting (XSS) - Reflected in Pypi calibreweb before 0.6.16.
Calibre-web Project Calibre-web
4
CVSSv2
CVE-2022-0406
Improper Authorization in GitHub repository janeczku/calibre-web before 0.6.16.
Calibre-web Project Calibre-web
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »