CVE-2022-0339 – Server-Side Request Forgery (SSRF) in janeczku/calibre-web
https://notcve.org/view.php?id=CVE-2022-0339
Server-Side Request Forgery (SSRF) in Pypi calibreweb prior to 0.6.16. Una vulnerabilidad de tipo Server-Side Request Forgery (SSRF) en Pypi calibreweb versiones anteriores a 0.6.16 • https://github.com/janeczku/calibre-web/commit/3b216bfa07ec7992eff03e55d61732af6df9bb92 https://huntr.dev/bounties/499688c4-6ac4-4047-a868-7922c3eab369 • CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2022-0352 – Cross-site Scripting (XSS) - Reflected in janeczku/calibre-web
https://notcve.org/view.php?id=CVE-2022-0352
Cross-site Scripting (XSS) - Reflected in Pypi calibreweb prior to 0.6.16. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Reflejado en Pypi calibreweb versiones anteriores a 0.6.16 • https://github.com/janeczku/calibre-web/commit/6bf07539788004513c3692c074ebc7ba4ce005e1 https://huntr.dev/bounties/a577ff17-2ded-4c41-84ae-6ac02440f717 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-4164 – Cross-Site Request Forgery (CSRF) in janeczku/calibre-web
https://notcve.org/view.php?id=CVE-2021-4164
calibre-web is vulnerable to Cross-Site Request Forgery (CSRF) calibre-web es vulnerable a un ataque de tipo Cross-Site Request Forgery (CSRF) • https://github.com/janeczku/calibre-web/commit/785726deee13b4d56f6c3503dd57c1e3eb7d6f30 https://huntr.dev/bounties/2debace1-a0f3-45c1-95fa-9d0512680758 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2021-4171 – Business Logic Errors in janeczku/calibre-web
https://notcve.org/view.php?id=CVE-2021-4171
calibre-web is vulnerable to Business Logic Errors calibre-web es vulnerable a Errores de Lógica Empresarial • https://github.com/janeczku/calibre-web/commit/3e0d8763c377d2146462811e3e4ccf13f0d312ce https://huntr.dev/bounties/1117f439-133c-4563-afb2-6cd80607bd5c • CWE-840: Business Logic Errors •
CVE-2021-4170 – Cross-site Scripting (XSS) - Stored in janeczku/calibre-web
https://notcve.org/view.php?id=CVE-2021-4170
calibre-web is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') calibre-web es vulnerable a una Neutralización Inapropiada de Entradas Durante la Generación de Páginas Web ("Cross-site Scripting") • https://github.com/janeczku/calibre-web/commit/7ad419dc8c12180e842a82118f4866ac3d074bc5 https://huntr.dev/bounties/ff395101-e392-401d-ab4f-579c63fbf6a0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •