Vulnerabilities
The list of vulnerabilities found by me.
| CVE ID | CWE Name | Product | Links |
|---|---|---|---|
| CVE-2023-0914 | Improper Authorization | Pixelfed | Report |
| CVE-2023-0901 | Exposure of Sensitive Information to an Unauthorized Actor | Pixelfed | Report |
| CVE-2023-0737 | Cross-Site Request Forgery (CSRF) | wallabag | Report |
| CVE-2023-0610 | Improper Authorization | wallabag | Report |
| CVE-2023-0609 | Improper Authorization | wallabag | Report |
| CVE-2023-0509 | Improper Certificate Validation | pyLoad | Report |
| CVE-2023-0488 | Cross-site Scripting (XSS) - Stored | pyLoad | Report |
| CVE-2023-0440 | Exposure of Sensitive Information to an Unauthorized Actor | Healthchecks | Report |
| CVE-2023-0406 | Cross-Site Request Forgery (CSRF) | Modoboa | Report |
| CVE-2023-0398 | Cross-Site Request Forgery (CSRF) | Modoboa | Report |
| CVE-2023-0297 | Code Injection | pyLoad | Story, Report |
| CVE-2023-0055 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute | pyLoad | Report |
| CVE-2023-0057 | Improper Restriction of Rendered UI Layers or Frames | pyLoad | Report |
| CVE-2023-0298 | Improper Authorization | Firefly III | Report |
| N/A | Improper Restriction of Rendered UI Layers or Frames | Agreper | Report |
| N/A | Cross-Site Request Forgery (CSRF) | Agreper | Report |
| N/A | Open Redirect | phpwcms | Report |
| N/A | Cross-site Scripting (XSS) - Reflected | Diskover Community Edition | Fix |