Vulnerabilities > Publify Project > Publify > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-01-29 CVE-2023-0569 Weak Password Requirements vulnerability in Publify Project Publify
Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10.
network
low complexity
publify-project CWE-521
6.5
2023-01-14 CVE-2022-2815 Insecure Storage of Sensitive Information vulnerability in Publify Project Publify
Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10.
network
low complexity
publify-project CWE-922
6.5
2022-05-23 CVE-2022-1811 Unrestricted Upload of File with Dangerous Type vulnerability in Publify Project Publify
Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to 9.2.9.
network
low complexity
publify-project CWE-434
5.4
2022-05-23 CVE-2022-1810 Authorization Bypass Through User-Controlled Key vulnerability in Publify Project Publify
Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9.
network
low complexity
publify-project CWE-639
4.3
2022-05-16 CVE-2022-0574 Incorrect Authorization vulnerability in Publify Project Publify
Improper Access Control in GitHub repository publify/publify prior to 9.2.8.
network
low complexity
publify-project CWE-863
6.4
2022-05-16 CVE-2022-0578 Unspecified vulnerability in Publify Project Publify
Code Injection in GitHub repository publify/publify prior to 9.2.8.
network
low complexity
publify-project
6.5
2022-05-16 CVE-2022-1553 Incorrect Authorization vulnerability in Publify Project Publify
Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8.
network
low complexity
publify-project CWE-863
4.0
2022-02-08 CVE-2022-0524 Business Logic Errors vulnerability in Publify Project Publify
Business Logic Errors in GitHub repository publify/publify prior to 9.2.7.
network
low complexity
publify-project CWE-840
5.0
2021-11-02 CVE-2021-25973 Incorrect Resource Transfer Between Spheres vulnerability in Publify Project Publify
In Publify, 9.0.0.pre1 to 9.2.4 are vulnerable to Improper Access Control.
network
low complexity
publify-project CWE-669
6.4
2020-01-09 CVE-2014-3211 Resource Exhaustion vulnerability in Publify Project Publify
Publify before 8.0.1 is vulnerable to a Denial of Service attack
network
low complexity
publify-project CWE-400
5.0