漏洞描述
Calibre是一个开源的虚拟书库软件,Calibre 低于 7.14.0 版本存在任意文件读取漏洞,攻击者可利用此漏洞读取任意文件信息。
Calibre 低于 7.14.0 版本存在任意文件读取漏洞(CVE-2024-6781)
PoC代码
暂无相关漏洞推荐
- D-Link DI-704 默认口令漏洞
- 微力同步 /rest/f/api/resources/f96956469e7be39d 文件读取漏洞
- POC CVE-2024-24882: Masteriyo LMS <= 1.7.2 - Unauthenticated Privilege Escalation
- POC CVE-2017-11107: phpLDAPadmin <= 1.2.3 - Reflected XSS
- POC CVE-2017-17762: Episerver 7 - Blind XML External Entity Injection
- POC CVE-2017-18580: WordPress Shortcodes Ultimate <= 5.0.0 - Authenticated Remote Code Execution
- POC CVE-2017-20192: Formidable Forms < 2.05.02 - Cross-Site Scripting
- POC CVE-2018-10245: AWStats <= 7.5 - Full Path Disclosure
- POC CVE-2021-20617: Acmailer - Improper Access Control to OS Command Injection
- POC CVE-2021-22175: GitLab CI Lint API - Server-Side Request Forgery
- POC CVE-2021-24213: GiveWP <= 2.9.7 - Cross-Site Scripting
- POC CVE-2021-24657: Limit Login Attempts WordPress - Stored Cross-site Scripting
- POC CVE-2021-25082: WordPress Popup Builder < 4.0.7 - Remote Code Execution