Lucene search
+L

12 matches found

redhatcve
redhatcve
added 2025/05/23 10:24 a.m.6 views

CVE-2024-28740

Cross Site Scripting vulnerability in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via the additonal-contents.pl component...

9.6CVSS7.3AI score0.00713EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/23 10:24 a.m.9 views

CVE-2024-28739

An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a crafted script to the format parameter...

9.6CVSS7.8AI score0.18921EPSS
Exploits1References1
nvd
nvd
added 2024/08/06 7:15 p.m.30 views

CVE-2024-28739

An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a crafted script to the format parameter...

9.6CVSS0.18921EPSS
Exploits1References1
cvelist
cvelist
added 2024/08/06 12:0 a.m.37 views

CVE-2024-28739

An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a crafted script to the format parameter...

0.18921EPSS
Exploits1References1
cve
cve
added 2024/08/06 12:0 a.m.45 views

CVE-2024-28740

CVE-2024-28740 affects Koha ILS versions 23.05 and earlier. The vulnerability is a Cross Site Scripting issue that allows a remote attacker to execute arbitrary code via the additonal-contents.pl component. Evidence across multiple sources confirms the affected product/version and the exploitatio...

9.6CVSS7.5AI score0.00713EPSS
Exploits1References2Affected Software1
vulnrichment
vulnrichment
added 2024/08/06 12:0 a.m.19 views

CVE-2024-28740

Cross Site Scripting vulnerability in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via the additonal-contents.pl component...

7.3AI score0.00713EPSS
Exploits1References2
cve
cve
added 2024/08/06 12:0 a.m.51 views

CVE-2024-28739

Koha ILS 23.05 and earlier is described in multiple sources as vulnerable to remote code execution via a crafted script to the format parameter. The vulnerability affects Koha ILS versions up to and including 23.05. Concrete exploit details beyond the high-level description (e.g., exact payloads ...

9.6CVSS8AI score0.18921EPSS
Exploits1References1Affected Software1
vulnrichment
vulnrichment
added 2024/08/06 12:0 a.m.16 views

CVE-2024-28739

An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a crafted script to the format parameter...

7.8AI score0.18921EPSS
Exploits1References1
osv
osv
added 2024/08/06 12:0 a.m.7 views

CVE-2024-28740

Cross Site Scripting vulnerability in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via the additonal-contents.pl component...

6.1CVSS7.3AI score0.00713EPSS
Exploits1References4
cvelist
cvelist
added 2024/08/06 12:0 a.m.18 views

CVE-2024-28740

Cross Site Scripting vulnerability in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via the additonal-contents.pl component...

0.00713EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2024/08/06 12:0 a.m.6 views

PT-2024-22552 · Koha Ils · Koha Ils

Name of the Vulnerable Software and Affected Versions: Koha ILS versions 23.05 and earlier Description: The issue allows a remote attacker to execute arbitrary code. This is achieved via the additonal-contents.pl component. Recommendations: For versions 23.05 and earlier, consider disabling acces...

9.6CVSS7.7AI score0.00713EPSS
Exploits1References7
packetstorm
packetstorm
added 2015/06/26 12:0 a.m.63 views

Koha ILS 3.20.x CSRF / XSS / Traversal / SQL Injection

=============================================================================================== SBA Research Vulnerability Disclosure =============================================================================================== title: Koha Unauthenticated SQL injection product: Koha ILS affecte...

0.6AI score0.51829EPSS
Exploits13
Rows per page
Query Builder