Catalin Iovita

5 exploits, active since Jul 2024
CVE-2024-39123 NOMISEC MEDIUM WRITEUP
Janeczku Calibre-web < 0.6.21 - XSS
In janeczku Calibre-Web 0.6.0 to 0.6.21, the edit_book_comments function is vulnerable to Cross-Site Scripting (XSS) due to improper sanitization performed by the clean_string function. The vulnerability arises from the way the clean_string function handles HTML sanitization.
2 stars
CVSS 5.4
CVE-2024-57716 WRITEUP HIGH WRITEUP
Nuget Autoqueryable - Information Disclosure
An issue in trenoncourt AutoQueryable v.1.7.0 allows a remote attacker to obtain sensitive information via the Unselectable function.
CVSS 7.5
CVE-2025-26127 WRITEUP MEDIUM WRITEUP
FileCloud <23.241.2 - XSS
A stored cross-site scripting (XSS) vulnerability in the Send for Approval function of FileCloud v23.241.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVSS 5.0
EIP-2026-104264 EXPLOITDB text WRITEUP
Gitea 1.22.0 - Stored XSS
EIP-2026-104191 EXPLOITDB text WRITEUP
Calibre-web 0.6.21 - Stored XSS