17 results (0.010 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20. • https://github.com/janeczku/calibre-web/commit/49e4f540c9b204c7e39b3c27ceadecd83ed60e7e https://huntr.dev/bounties/9ff87820-c14c-4454-9764-406496254ef0 • CWE-307: Improper Restriction of Excessive Authentication Attempts •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20. • https://github.com/janeczku/calibre-web/commit/49e4f540c9b204c7e39b3c27ceadecd83ed60e7e https://huntr.dev/bounties/c3d5c647-7557-40a9-aee4-24dc14882781 • CWE-521: Weak Password Requirements •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1

Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18. Una vulnerabilidad de tipo Server-Side Request Forgery (SSRF) en el repositorio de GitHub janeczku/calibre-web versiones anteriores a 0.6.18 • https://github.com/janeczku/calibre-web/commit/4545f4a20d9ff90b99bbd4e3e34b6de4441d6367 https://huntr.dev/bounties/31649903-c19c-4dae-aee0-a04b095855c5 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 1

Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18. Una vulnerabilidad de tipo Server-Side Request Forgery (SSRF) en el repositorio de GitHub janeczku/calibre-web versiones anteriores a 0.6.18 • https://github.com/janeczku/calibre-web/commit/4545f4a20d9ff90b99bbd4e3e34b6de4441d6367 https://huntr.dev/bounties/768fd7e2-a767-4d8d-a517-e9dda849c6e4 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1

Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16. Una Autorización Inapropiada en el repositorio de GitHub janeczku/calibre-web versiones anteriores a 0.6.16 • https://github.com/janeczku/calibre-web/commit/e0e04220109920575179a8f924543449c6de0706 https://huntr.dev/bounties/d7498799-4797-4751-b5e2-b669e729d5db • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •