Vulnerabilities > Calibre WEB Project > Calibre WEB > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-16 | CVE-2022-30765 | SQL Injection vulnerability in Calibre-Web Project Calibre-Web 0.6.18 Calibre-Web before 0.6.18 allows user table SQL Injection. | 7.5 |
2022-04-04 | CVE-2022-0939 | Server-Side Request Forgery (SSRF) vulnerability in Calibre-Web Project Calibre-Web Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18. | 7.5 |
2022-03-07 | CVE-2022-0766 | Server-Side Request Forgery (SSRF) vulnerability in Calibre-Web Project Calibre-Web Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17. | 7.5 |
2022-03-07 | CVE-2022-0767 | Server-Side Request Forgery (SSRF) vulnerability in Calibre-Web Project Calibre-Web Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17. | 7.5 |
2022-01-30 | CVE-2022-0339 | Server-Side Request Forgery (SSRF) vulnerability in Calibre-Web Project Calibre-Web Server-Side Request Forgery (SSRF) in Pypi calibreweb prior to 0.6.16. | 7.5 |
2022-01-17 | CVE-2021-4171 | Unspecified vulnerability in Calibre-Web Project Calibre-Web calibre-web is vulnerable to Business Logic Errors | 7.5 |
2020-05-04 | CVE-2020-12627 | Improper Authentication vulnerability in Calibre-Web Project Calibre-Web 0.6.6 Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT' hardcoded secret key. | 7.5 |