CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1810 – Authorization Bypass Through User-Controlled Key in publify/publify
https://notcve.org/view.php?id=CVE-2022-1810
Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9. Un Control de Acceso Inapropiado en el repositorio de GitHub publify/publify versiones anteriores a 9.2.9 • https://github.com/publify/publify/commit/c0aba87844d1e47da50c0d99a3465164a4d244ce https://huntr.dev/bounties/9b2d7579-032e-42da-b736-4b10a868eacb • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1553 – Leaking password protected articles content due to improper access control in publify/publify
https://notcve.org/view.php?id=CVE-2022-1553
Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify website, compromising confidentiality and integrity of users. Un Filtrado del contenido de los artículos protegidos por contraseña debido a un control de acceso inapropiado en el repositorio GitHub publify/publify versiones anteriores a 9.2.8. Los atacantes pueden aprovechar esta vulnerabilidad para visualizar el contenido de cualquier artículo protegido por contraseña presente en el sitio web de publify, comprometiendo la confidencialidad e integridad de los usuarios • https://github.com/publify/publify/commit/1a78f16f460847274265a12a9555b3524892d7db https://huntr.dev/bounties/b398e4c9-6cdf-4973-ad86-da796cde221f • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0578 – Code Injection in publify/publify
https://notcve.org/view.php?id=CVE-2022-0578
Code Injection in GitHub repository publify/publify prior to 9.2.8. Una Inyección de Código en el repositorio GitHub publify/publify versiones anteriores a 9.2.8 • https://github.com/publify/publify/commit/b50df050c593cc532b2c516792989bcfce2d73f7 https://huntr.dev/bounties/02c81928-eb47-476f-8000-e93dc796dbcc • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0574 – Improper Access Control in publify/publify
https://notcve.org/view.php?id=CVE-2022-0574
Improper Access Control in GitHub repository publify/publify prior to 9.2.8. Un Control de Acceso Inapropiado en el repositorio GitHub publify/publify versiones anteriores a 9.2.8 • https://github.com/publify/publify/commit/0e6c66ac2002136517662399bca9d838c80d9739 https://huntr.dev/bounties/6f322c84-9e20-4df6-97e8-92bc271ede3f • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0524 – Business Logic Errors in publify/publify
https://notcve.org/view.php?id=CVE-2022-0524
Business Logic Errors in GitHub repository publify/publify prior to 9.2.7. Unos Errores Lógicos de Negocio en el repositorio GitHub publify/publify versiones anteriores a 9.2.7 • https://github.com/publify/publify/commit/16fceecadbe80ab0ef846b62a12dc7bfff10b8c5 https://huntr.dev/bounties/bfffae58-b3cd-4e0e-b1f2-3db387a22c3d • CWE-840: Business Logic Errors •