Lucene search

Ganesha Digital Library Security Vulnerabilities

cve

CVE-2014-100031

Multiple SQL injection vulnerabilities in Ganesha Digital Library (GDL) 4.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) download.php or (2)...

8.8AI Score

0.002EPSS

2015-01-13 03:59 PM

cve

CVE-2014-100030

Cross-site scripting (XSS) vulnerability in module/search/function.php in Ganesha Digital Library (GDL) 4.2 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in a ByEge...

5.8AI Score

0.002EPSS

2015-01-13 03:59 PM

cve

CVE-2014-100029

Multiple directory traversal vulnerabilities in class/session.php in Ganesha Digital Library (GDL) 4.2 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) newlang or (2) newtheme...

7AI Score

0.004EPSS

2015-01-13 03:59 PM

cve

CVE-2009-0965

SQL injection vulnerability in functions/browse.php in Ganesha Digital Library (GDL) 4.0 and 4.2 allows remote attackers to execute arbitrary SQL commands via the node parameter in a browse action to...

8.7AI Score

0.001EPSS

2009-03-19 10:30 AM