🚨 CVE-2024-11195
The Email Subscription Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's print_email_subscribe_form shortcode in all versions up to, and including, 1.2.22 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
@cveNotify
🚨 CVE-2024-11194
The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a misconfigured check on the 'rtcl_import_settings' function in all versions up to, and including, 3.1.15.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update limited arbitrary options on the WordPress site. This can be leveraged to update the Subscriber role with Administrator-level capabilities to gain administrative user access to a vulnerable site. The vulnerability is limited in that the option updated must have a value that is an array; role definitions (the wp_user_roles option) are stored as an array, which is why that restriction does not prevent the escalation.
🚨 CVE-2024-11198
The GD Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'extra_class' parameter in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
🚨 CVE-2024-11224
The Parallax Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'position' parameter in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
🚨 CVE-2024-52675
SourceCodester Sentiment Based Movie Rating System 1.0 is vulnerable to SQL Injection in /msrps/movies.php.
GitHub: Cve_report/Sourcecodester-SQLi-Sentiment-Based-Moive-Rating.md at main · xubeining/Cve_report
🚨 CVE-2024-9777
The Ashe theme for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.243. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
🚨 CVE-2024-9830
The Bard theme for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.216. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
🚨 CVE-2020-12627
Calibre-Web 0.6.6 allows authentication bypass because of the hardcoded session secret key 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT' (the example value from the Flask sessions documentation cited in the fix PR); anyone who knows the key can sign their own session cookies.
GitHub: Don't use an hardcoded session key by jvoisin · Pull Request #1337 · janeczku/calibre-web
This fixes a trivial authentication bypass, according to https://flask.palletsprojects.com/en/1.1.x/quickstart/#sessions
🚨 CVE-2021-25964
In the 'Calibre-web' application, versions 0.6.0 to 0.6.12 are vulnerable to Stored XSS in 'Metadata'. An attacker with access to edit the metadata can inject a JavaScript payload into the description field; the XSS triggers when a victim opens the book.
GitHub: Added lxml to needed requirements · janeczku/calibre-web@32e2771
Improved displaying of series title, book of series, comments and custom comments
🚨 CVE-2021-25965
In Calibre-web, versions 0.6.0 to 0.6.13 are vulnerable to Cross-Site Request Forgery (CSRF). By luring an authenticated user to click on a link, an attacker can create a new user role with admin privileges and attacker-controlled credentials, allowing them to take over the application.
GitHub: Added handling for missing flask-wtf dependency · janeczku/calibre-web@50919d4
Added CSRF protection (via flask-wtf)
Moved upload function to js file
Fixed error page in case of csrf failure
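The check a cross-site "create admin user" request fails against, as an added example (not Calibre-Web's code; the project's fix uses flask-wtf, this uses only the standard library). The attacker's page can make the victim's browser send the request with the admin's session cookie, but it cannot read a per-session token out of our form, and the browser labels the request with its Origin. The handler name, the form fields and SITE_HOST are made up for the illustration.

```python
import hmac
import secrets
from urllib.parse import urlsplit

SITE_HOST = "library.example"   # hypothetical deployment host for the Origin check


def issue_csrf_token(session):
    """Create (once per session) the random token the admin form must echo back."""
    if "csrf_token" not in session:
        session["csrf_token"] = secrets.token_urlsafe(32)
    return session["csrf_token"]


def csrf_ok(session, form, headers):
    """Token must match the session's copy (constant-time compare) and, when the
    browser sends Origin/Referer, that header must name our own host."""
    expected = session.get("csrf_token")
    submitted = form.get("csrf_token")
    if not expected or not submitted:
        return False
    if not hmac.compare_digest(expected.encode(), str(submitted).encode()):
        return False
    source = headers.get("Origin") or headers.get("Referer")
    if source and urlsplit(source).hostname != SITE_HOST:
        return False
    return True


def create_user(method, session, form, headers):
    """'Add user' handler: the request a lured admin's browser issues for the attacker."""
    if not session.get("is_admin"):
        return 403, "forbidden"
    if method != "POST":                  # a link click is a GET; never mutate state on GET
        return 405, "method not allowed"
    if not csrf_ok(session, form, headers):
        return 400, "csrf check failed"
    return 201, "created %s admin=%s" % (form.get("name"), form.get("admin") == "on")


def demo_csrf():
    """Three requests carrying the admin's session: two forged cross-site, one legitimate."""
    admin = {"is_admin": True}
    token = issue_csrf_token(admin)
    # Attacker's page auto-submits a form: cookie goes along, token does not, Origin is theirs.
    cross_site = create_user("POST", admin, {"name": "evil", "admin": "on"},
                             {"Origin": "https://attacker.example"})
    # The "click on a link" variant from the CVE text: a GET to the mutating endpoint.
    link_click = create_user("GET", admin, {"name": "evil", "admin": "on"},
                             {"Referer": "https://attacker.example/page"})
    # Admin submits the real form, which embedded the token.
    legit = create_user("POST", admin, {"name": "bob", "csrf_token": token},
                        {"Origin": "https://" + SITE_HOST})
    return cross_site, link_click, legit


if __name__ == "__main__":
    for outcome in demo_csrf():
        print(outcome)
```

Both layers matter: the token stops a forged POST, and refusing GET stops the plain link from the CVE description. The Origin check is defence in depth only, since older clients may omit the header.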
🚨 CVE-2021-4170
calibre-web is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
GitHub: Fix upload of cover and book formats containing html characters · janeczku/calibre-web@7ad419d
🚨 CVE-2022-0352
Reflected Cross-site Scripting (XSS) in the PyPI package calibreweb prior to 0.6.16.
GitHub: Prevent wrong use of safe statement · janeczku/calibre-web@6bf0753
🚨 CVE-2022-0339
Server-Side Request Forgery (SSRF) in the PyPI package calibreweb prior to 0.6.16.
GitHub: Kobo sync token is now also created if accessed from localhost (fixes #1990) · janeczku/calibre-web@3b216bf
Create kobo sync token button is now "unclicked" after closing dialog
Additional localhost route is caught
If book format is deleted this also deletes the book synced to...
🚨 CVE-2022-0766
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17.
GitHub: Don't allow redirects on cover uploads, catch more addresses which resolve to localhost · janeczku/calibre-web@965352c
🚨 CVE-2022-0767
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17.
GitHub: Don't allow redirects on cover uploads, catch more addresses which resolve to localhost · janeczku/calibre-web@965352c
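The two measures named in the fix commit for CVE-2022-0339, CVE-2022-0766 and CVE-2022-0767 (refuse hosts that resolve to localhost, do not follow redirects on cover fetches), written out as an added example that is not Calibre-Web's code. The validator only, no network call, is what the test exercises; the resolver is injectable so the checks run offline, and the function names, the size limit and the sample host names are made up.

```python
import ipaddress
import socket
import urllib.error
import urllib.request
from urllib.parse import urlsplit


def resolve_all(host):
    """Default resolver: every address `host` maps to, via getaddrinfo. Going through
    the resolver also normalises spellings such as '2130706433' or '0x7f000001'."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def is_public_ip(ip):
    """False for loopback, RFC1918, link-local (incl. 169.254.169.254), multicast, reserved."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped               # ::ffff:127.0.0.1 is still loopback
    return not (addr.is_loopback or addr.is_private or addr.is_link_local
                or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


def check_cover_url(url, resolve=resolve_all):
    """Return (ok, reason). Only http(s); every address the host resolves to must be
    public, so one loopback answer among several is enough to refuse."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, "scheme not allowed"
    host = parts.hostname
    if not host:
        return False, "no host"
    if host == "localhost" or host.endswith(".localhost"):
        return False, "localhost"
    try:
        addrs = resolve(host)
    except (OSError, ValueError):
        return False, "unresolvable"
    if not addrs:
        return False, "unresolvable"
    for ip in addrs:
        try:
            if not is_public_ip(ip):
                return False, "%s resolves to non-public %s" % (host, ip)
        except ValueError:
            return False, "unparseable address %s" % ip
    return True, "ok"


class _RefuseRedirects(urllib.request.HTTPRedirectHandler):
    """A public host may answer 3xx with Location: http://127.0.0.1/...; refusing
    redirects keeps the URL that passed the check the only one we connect to."""
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        raise urllib.error.HTTPError(req.full_url, code, "redirect refused", headers, fp)


def fetch_cover(url, resolve=resolve_all, timeout=10, limit=5 * 1024 * 1024):
    """Validate, then download without following redirects (this one does hit the network)."""
    ok, reason = check_cover_url(url, resolve)
    if not ok:
        raise ValueError("refusing cover URL: " + reason)
    opener = urllib.request.build_opener(_RefuseRedirects)
    with opener.open(url, timeout=timeout) as resp:
        return resp.read(limit)


if __name__ == "__main__":
    for candidate in ("https://cdn.example/cover.jpg", "http://localhost:8083/admin",
                      "http://127.0.0.1/x", "http://169.254.169.254/latest/meta-data/"):
        print(candidate, check_cover_url(candidate, lambda h: {h} if h[0].isdigit() else {"93.184.216.34"}))
```

One caveat a reviewer would raise: check_cover_url resolves the name once, and urllib resolves it again when it connects, so a resolver that answers with a public address first and 127.0.0.1 second (DNS rebinding) still gets through. Closing that gap means connecting to the address that was checked and sending the original host name in the Host header, which is not shown here.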
🚨 CVE-2022-0405
Improper Access Control in GitHub repository janeczku/calibre-web prior to 0.6.16.
GitHub: Kobo sync token is now also created if accessed from localhost (fixes #1990) · janeczku/calibre-web@3b216bf
Create kobo sync token button is now "unclicked" after closing dialog
Additional localhost route is caught
If book format is deleted this also deletes the book synced to...
🚨 CVE-2022-0406
Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16.
GitHub: Upates for new release · janeczku/calibre-web@e0e0422
🚨 CVE-2022-0939
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18.
GitHub: Better epub cover parsing with multiple cover-image items · janeczku/calibre-web@4545f4a
Code cosmetics
renamed variables
refactored xml page generation
refactored prepare author