Vulnerabilities > Janeczku > Calibre WEB > 0.6.9

DATE CVE VULNERABILITY TITLE RISK
2024-11-15 CVE-2021-3986 Unspecified vulnerability in Janeczku Calibre-Web
A vulnerability in janeczku/calibre-web allows unauthorized users to view the names of private shelves belonging to other users.
network
low complexity
janeczku
4.3
4.3
2024-11-15 CVE-2021-3987 Missing Authorization vulnerability in Janeczku Calibre-Web
An improper access control vulnerability exists in janeczku/calibre-web.
network
low complexity
janeczku CWE-862
4.3
4.3
2024-11-15 CVE-2021-3988 Unspecified vulnerability in Janeczku Calibre-Web
A Cross-site Scripting (XSS) vulnerability exists in janeczku/calibre-web, specifically in the file `edit_books.js`.
network
low complexity
janeczku
6.1
6.1
2023-04-15 CVE-2023-2106 Weak Password Requirements vulnerability in Janeczku Calibre-Web
Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20.
network
low complexity
janeczku CWE-521
critical
 9.8
9.8
2023-04-15 CVE-2022-2525 Improper Restriction of Excessive Authentication Attempts vulnerability in Janeczku Calibre-Web
Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20.
network
low complexity
janeczku CWE-307
critical
 9.8
9.8
2022-04-04 CVE-2022-0990 Unspecified vulnerability in Janeczku Calibre-Web
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18.
network
low complexity
janeczku
critical
 9.1
9.1
2022-04-04 CVE-2022-0939 Unspecified vulnerability in Janeczku Calibre-Web
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18.
network
low complexity
janeczku
critical
 9.9
9.9
2022-04-03 CVE-2022-0405 Unspecified vulnerability in Janeczku Calibre-Web
Improper Access Control in GitHub repository janeczku/calibre-web prior to 0.6.16.
network
low complexity
janeczku
4.3
4.3
2022-04-03 CVE-2022-0406 Incorrect Authorization vulnerability in Janeczku Calibre-Web
Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16.
network
low complexity
janeczku CWE-863
4.3
4.3
2022-03-07 CVE-2022-0766 Server-Side Request Forgery (SSRF) vulnerability in Janeczku Calibre-Web
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17.
network
low complexity
janeczku CWE-918
critical
 9.8
9.8