Skip to main content

Wallabag

9 CVEs product

Monthly

CVE-2023-4455 PHP MEDIUM POC PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.6.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Wallabag
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-4454 PHP MEDIUM POC PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.6.3. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

CSRF Wallabag
NVD GitHub
CVSS 3.1
5.7
EPSS
0.2%
CVE-2023-3566 PHP MEDIUM POC This Month

A vulnerability was found in wallabag 2.5.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wallabag
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
1.4%
CVE-2023-0734 PHP MEDIUM POC PATCH This Month

Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Wallabag
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-0736 PHP MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository wallabag/wallabag prior to 2.5.4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Wallabag
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-0735 PHP MEDIUM POC PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.5.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Wallabag
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-0610 PHP MEDIUM POC PATCH This Month

Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Wallabag
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-0609 PHP MEDIUM POC PATCH This Month

Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Wallabag
NVD GitHub
CVSS 3.1
4.3
EPSS
0.6%
CVE-2018-11352 PHP MEDIUM POC PATCH This Month

The Wallabag application 2.2.3 to 2.3.2 is affected by one cross-site scripting (XSS) vulnerability that is stored within the configuration page. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Wallabag
NVD
CVSS 3.0
4.0
EPSS
0.7%
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.6.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Wallabag
NVD GitHub
EPSS 0% CVSS 5.7
MEDIUM POC PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.6.3. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

CSRF Wallabag
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

A vulnerability was found in wallabag 2.5.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wallabag
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Wallabag
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository wallabag/wallabag prior to 2.5.4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Wallabag
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.5.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Wallabag
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM POC PATCH This Month

Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Wallabag
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Wallabag
NVD GitHub
EPSS 1% CVSS 4.0
MEDIUM POC PATCH This Month

The Wallabag application 2.2.3 to 2.3.2 is affected by one cross-site scripting (XSS) vulnerability that is stored within the configuration page. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Wallabag
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy