A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file Source/librarian/user/student/lost-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched.....
7.3CVSS
7.4AI Score
0.0004EPSS
A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file Source/librarian/user/student/lost-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched.....
7.3CVSS
7.5AI Score
0.0004EPSS
A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file Source/librarian/user/student/lost-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched.....
7.3CVSS
7.6AI Score
0.0004EPSS
CVE-2024-1830 code-projects Library System lost-password.php sql injection
A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file Source/librarian/user/student/lost-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched.....
7.3CVSS
7.7AI Score
0.0004EPSS
A vulnerability was found in code-projects Library System 1.0 and classified as critical. This issue affects some unknown processing of the file Source/librarian/user/teacher/login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely.....
7.3CVSS
7.5AI Score
0.0004EPSS
A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file Source/librarian/user/student/registration.php. The manipulation of the argument email/regno/phone/username leads to sql...
7.3CVSS
7.5AI Score
0.0004EPSS
A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file Source/librarian/user/student/registration.php. The manipulation of the argument email/regno/phone/username leads to sql...
7.3CVSS
7.5AI Score
0.0004EPSS
A vulnerability was found in code-projects Library System 1.0 and classified as critical. This issue affects some unknown processing of the file Source/librarian/user/teacher/login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely.....
7.3CVSS
7.5AI Score
0.0004EPSS
A vulnerability was found in code-projects Library System 1.0. It has been classified as critical. Affected is an unknown function of the file Source/librarian/user/teacher/registration.php. The manipulation of the argument email/idno/phone/username leads to sql injection. It is possible to launch....
7.3CVSS
7.5AI Score
0.0004EPSS
A vulnerability was found in code-projects Library System 1.0. It has been classified as critical. Affected is an unknown function of the file Source/librarian/user/teacher/registration.php. The manipulation of the argument email/idno/phone/username leads to sql injection. It is possible to launch....
7.3CVSS
7.5AI Score
0.0004EPSS
A vulnerability was found in code-projects Library System 1.0 and classified as critical. This issue affects some unknown processing of the file Source/librarian/user/teacher/login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely.....
7.3CVSS
7.7AI Score
0.0004EPSS
A vulnerability was found in code-projects Library System 1.0. It has been classified as critical. Affected is an unknown function of the file Source/librarian/user/teacher/registration.php. The manipulation of the argument email/idno/phone/username leads to sql injection. It is possible to launch....
7.3CVSS
7.7AI Score
0.0004EPSS
A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file Source/librarian/user/student/registration.php. The manipulation of the argument email/regno/phone/username leads to sql...
7.3CVSS
7.7AI Score
0.0004EPSS
CVE-2024-1829 code-projects Library System registration.php sql injection
A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file Source/librarian/user/student/registration.php. The manipulation of the argument email/regno/phone/username leads to sql...
7.3CVSS
7.8AI Score
0.0004EPSS
CVE-2024-1828 code-projects Library System registration.php sql injection
A vulnerability was found in code-projects Library System 1.0. It has been classified as critical. Affected is an unknown function of the file Source/librarian/user/teacher/registration.php. The manipulation of the argument email/idno/phone/username leads to sql injection. It is possible to launch....
7.3CVSS
7.8AI Score
0.0004EPSS
CVE-2024-1827 code-projects Library System login.php sql injection
A vulnerability was found in code-projects Library System 1.0 and classified as critical. This issue affects some unknown processing of the file Source/librarian/user/teacher/login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely.....
7.3CVSS
7.8AI Score
0.0004EPSS
A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file Source/librarian/user/student/login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated...
7.3CVSS
7.5AI Score
0.0004EPSS
A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file Source/librarian/user/student/login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated...
7.3CVSS
7.5AI Score
0.0004EPSS
A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file Source/librarian/user/student/login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated...
7.3CVSS
7.8AI Score
0.0004EPSS
CVE-2024-1826 code-projects Library System login.php sql injection
A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file Source/librarian/user/student/login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated...
7.3CVSS
7.8AI Score
0.0004EPSS
Cross-site Scripting (XSS) - Reflected in GitHub repository mkucej/i-librarian-free prior to...
6.1CVSS
6.6AI Score
0.001EPSS
Cross-site Scripting (XSS) - Reflected in GitHub repository mkucej/i-librarian-free prior to...
6.1CVSS
6.2AI Score
0.001EPSS
Cross-site Scripting (XSS) - Stored in GitHub repository mkucej/i-librarian-free prior to...
5.4CVSS
4.6AI Score
0.001EPSS
Cross-site Scripting (XSS) - Reflected in GitHub repository mkucej/i-librarian-free prior to...
6.1CVSS
6.3AI Score
0.001EPSS
Cross-site Scripting (XSS) - Stored in GitHub repository mkucej/i-librarian-free prior to...
5.4CVSS
6.2AI Score
0.001EPSS
Cross-site Scripting (XSS) - Stored in GitHub repository mkucej/i-librarian-free prior to...
5.4CVSS
4.7AI Score
0.001EPSS
Cross-site Scripting (XSS) - Stored in GitHub repository mkucej/i-librarian-free prior to...
4.1CVSS
5.3AI Score
0.001EPSS
Cross-site Scripting (XSS) - Reflected in GitHub repository mkucej/i-librarian-free prior to...
9CVSS
6AI Score
0.001EPSS
CVE-2023-3020 Cross-site Scripting (XSS) - Reflected in mkucej/i-librarian-free
Cross-site Scripting (XSS) - Reflected in GitHub repository mkucej/i-librarian-free prior to...
9CVSS
6.2AI Score
0.001EPSS
CVE-2023-3021 Cross-site Scripting (XSS) - Stored in mkucej/i-librarian-free
Cross-site Scripting (XSS) - Stored in GitHub repository mkucej/i-librarian-free prior to...
4.1CVSS
5.5AI Score
0.001EPSS
9.8CVSS
9.5AI Score
0.003EPSS
9.8CVSS
9.3AI Score
0.003EPSS
9.8CVSS
9.4AI Score
0.003EPSS
9.8CVSS
9.3AI Score
0.003EPSS
9.7AI Score
0.003EPSS
-0.5AI Score
7.1AI Score
SLiMS 8 Akasia through 8.3.1 has an arbitrary file reading issue because of directory traversal in the url parameter to admin/help.php. It can be exploited by remote authenticated librarian...
6.4AI Score
0.003EPSS
SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAX_lookup_handler.php (tableName and tableFields parameters), admin/AJAX_check_id.php, and admin/AJAX_vocabolary_control.php. It can be exploited by remote authenticated librarian...
8.9AI Score
0.001EPSS
SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAX_lookup_handler.php (tableName and tableFields parameters), admin/AJAX_check_id.php, and admin/AJAX_vocabolary_control.php. It can be exploited by remote authenticated librarian...
8.8CVSS
8.8AI Score
0.001EPSS
SLiMS 8 Akasia through 8.3.1 has an arbitrary file reading issue because of directory traversal in the url parameter to admin/help.php. It can be exploited by remote authenticated librarian...
6.5CVSS
6.3AI Score
0.003EPSS
I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php resulting the web server being fully...
9.8CVSS
9.6AI Score
0.004EPSS
I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php resulting the web server being fully...
9.7AI Score
0.004EPSS
I, Librarian version <=4.6 & 4.7 is vulnerable to Reflected Cross-Site Scripting in the temp.php resulting in an attacker being able to inject malicious client side scripting which will be executed in the browser of users if they visit the manipulated...
6.1AI Score
0.001EPSS
I, Librarian version <=4.6 & 4.7 is vulnerable to Server-Side Request Forgery in the ajaxsupplement.php resulting in the attacker being able to reset any user's...
9.5AI Score
0.003EPSS
I, Librarian version <=4.6 & 4.7 is vulnerable to Reflected Cross-Site Scripting in the temp.php resulting in an attacker being able to inject malicious client side scripting which will be executed in the browser of users if they visit the manipulated...
6.1CVSS
6AI Score
0.001EPSS
I, Librarian version <=4.6 & 4.7 is vulnerable to Server-Side Request Forgery in the ajaxsupplement.php resulting in the attacker being able to reset any user's...
9.8CVSS
9.4AI Score
0.003EPSS
I, Librarian version <=4.6 & 4.7 is vulnerable to Directory Enumeration in the jqueryFileTree.php resulting in attacker enumerating directories simply by navigating through the "dir"...
5.3AI Score
0.001EPSS
I, Librarian version <=4.6 & 4.7 is vulnerable to Directory Enumeration in the jqueryFileTree.php resulting in attacker enumerating directories simply by navigating through the "dir"...
5.3CVSS
5.2AI Score
0.001EPSS
I, Librarian version 4.8 and earlier contains a Cross site Request Forgery (CSRF) vulnerability in users.php that can result in the password of the admin being forced to be changed without the administrator's...
8.8CVSS
8.8AI Score
0.001EPSS