CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

RedhatCVE•added 2025/05/23 10:24 a.m.•2 views

CVE-2024-28740

Cross Site Scripting vulnerability in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via the additonal-contents.pl component...

9.6CVSS7.3AI score0.05641EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 10:24 a.m.•4 views

CVE-2024-28739

An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a crafted script to the format parameter...

9.6CVSS7.8AI score0.23004EPSS

Exploits1References1

NVD•added 2024/08/06 7:15 p.m.•13 views

CVE-2024-28739

An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a crafted script to the format parameter...

9.6CVSS0.23004EPSS

Exploits1References1

OSV•added 2024/08/06 7:15 p.m.•4 views

CVE-2024-28740

Cross Site Scripting vulnerability in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via the additonal-contents.pl component...

9.6CVSS7.3AI score

Exploits0References2

CVE•added 2024/08/06 12:0 a.m.•36 views

CVE-2024-28740

CVE-2024-28740 affects Koha ILS versions 23.05 and earlier. The vulnerability is a Cross Site Scripting issue that allows a remote attacker to execute arbitrary code via the additonal-contents.pl component. Evidence across multiple sources confirms the affected product/version and the exploitatio...

9.6CVSS7.5AI score0.05641EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2024/08/06 12:0 a.m.•16 views

CVE-2024-28740

Cross Site Scripting vulnerability in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via the additonal-contents.pl component...

7.3AI score0.05641EPSS

Exploits1References2

Vulnrichment•added 2024/08/06 12:0 a.m.•15 views

CVE-2024-28739

An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a crafted script to the format parameter...

7.8AI score0.23004EPSS

Exploits1References1

CVE•added 2024/08/06 12:0 a.m.•32 views

CVE-2024-28739

Koha ILS 23.05 and earlier is described in multiple sources as vulnerable to remote code execution via a crafted script to the format parameter. The vulnerability affects Koha ILS versions up to and including 23.05. Concrete exploit details beyond the high-level description (e.g., exact payloads ...

9.6CVSS8AI score0.23004EPSS

Exploits1References1Affected Software1

Cvelist•added 2024/08/06 12:0 a.m.•14 views

CVE-2024-28739

An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a crafted script to the format parameter...

0.23004EPSS

Exploits1References1

Cvelist•added 2024/08/06 12:0 a.m.•10 views

CVE-2024-28740

Cross Site Scripting vulnerability in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via the additonal-contents.pl component...

0.05641EPSS

Exploits1References2

Positive Technologies•added 2024/08/06 12:0 a.m.•2 views

PT-2024-22552 · Koha Ils · Koha Ils

Name of the Vulnerable Software and Affected Versions: Koha ILS versions 23.05 and earlier Description: The issue allows a remote attacker to execute arbitrary code. This is achieved via the additonal-contents.pl component. Recommendations: For versions 23.05 and earlier, consider disabling acces...

9.6CVSS7.7AI score0.05641EPSS

Exploits1References7

Packet Storm•added 2015/06/26 12:0 a.m.•54 views

Koha ILS 3.20.x CSRF / XSS / Traversal / SQL Injection

=============================================================================================== SBA Research Vulnerability Disclosure =============================================================================================== title: Koha Unauthenticated SQL injection product: Koha ILS affecte...

0.6AI score0.77144EPSS

Exploits13

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by