Lucene search

Ganesha Digital Library Security Vulnerabilities

cve

CVE-2014-100031

Multiple SQL injection vulnerabilities in Ganesha Digital Library (GDL) 4.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) download.php or (2)...

9.5AI Score

0.002EPSS

2015-01-13 03:59 PM

cve

CVE-2014-100029

Multiple directory traversal vulnerabilities in class/session.php in Ganesha Digital Library (GDL) 4.2 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) newlang or (2) newtheme...

7.6AI Score

0.013EPSS

2015-01-13 03:59 PM

cve

CVE-2014-100030

Cross-site scripting (XSS) vulnerability in module/search/function.php in Ganesha Digital Library (GDL) 4.2 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in a ByEge...

6.3AI Score

0.002EPSS

2015-01-13 03:59 PM

cve

CVE-2009-0965

SQL injection vulnerability in functions/browse.php in Ganesha Digital Library (GDL) 4.0 and 4.2 allows remote attackers to execute arbitrary SQL commands via the node parameter in a browse action to...

9.3AI Score

0.001EPSS

2009-03-19 10:30 AM