87 matches found

OSV
added 2018/09/06 7:29 p.m., 18 views

CVE-2018-1000669

KOHA Library System version 16.11.x up until 16.11.13 and 17.05.x up until 17.05.05 contains a Cross Site Request Forgery (CSRF) vulnerability in /cgi-bin/koha/members/paycollect.pl. Parameters affected: borrowernumber, amount, amountoutstanding, paid. As a result, attackers can mark payments a...

8.8 CVSS, 7.1 AI score
Exploits: 0, References: 1

Cvelist
added 2018/09/06 7:0 p.m., 18 views

CVE-2018-1000670

KOHA Library System version 16.11.x up until 16.11.13 and 17.05.x up until 17.05.05 contains a Cross Site Scripting (XSS) vulnerability in multiple fields on multiple pages, including /cgi-bin/koha/acqui/supplier.pl?op=enter, /cgi-bin/koha/circ/circulation.pl?borrowernumber=number,...

6.4 AI score, 0.00648 EPSS
Exploits: 1, References: 1

CVE
added 2018/09/06 7:0 p.m., 38 views

CVE-2018-1000669

CVE-2018-1000669 | KOHA Library System contains a CSRF vulnerability in /cgi-bin/koha/members/paycollect.pl affecting borrowernumber, amount, amountoutstanding, and paid. An attacker can cause payments to be marked as paid for certain users on behalf of Administrators, via a socially engineered li...

8.8 CVSS, 8.8 AI score, 0.00481 EPSS
Exploits: 1, References: 1, Affected Software: 1

CVE
added 2018/09/06 7:0 p.m., 50 views

CVE-2018-1000670

KOHA Library System versions 16.11.x (up to 16.11.13) and 17.05.x (up to 17.05.05) are affected by a Cross Site Scripting (XSS) vulnerability in multiple fields across several pages (e.g., /cgi-bin/koha/acqui/supplier.pl?op=enter, /cgi-bin/koha/circ/circulation.pl?borrowernumber=[number], /cgi-bi...

6.1 CVSS, 6.3 AI score, 0.00648 EPSS
Exploits: 1, References: 1, Affected Software: 1

CNVD
added 2014/12/30 12:0 a.m., 2 views

Multiple Cross-Site Scripting Vulnerabilities in Koha

Koha is the first open source library automation system. Koha has multiple cross-site scripting vulnerabilities. Because the program fails to properly filter user-supplied input, an attacker could exploit these vulnerabilities to execute arbitrary script code in the context of a browser without t...

4.3 CVSS, 7 AI score, 0.0122 EPSS
Exploits: 1, References: 1

securityvulns
added 2011/07/26 12:0 a.m., 59 views

[PT-2011-05] Cross-Site Scripting in Koha Library Software

PT-2011-05 Positive Technologies Security Advisory: Cross-Site Scripting in Koha Library Software. Vulnerable software: Koha Library Software version 3.2....

0.4 AI score
Exploits: 0

Positive Technologies
added 2011/05/31 12:0 a.m., 3 views

PT-2011-05: Cross-Site Scripting in Koha Library Software

Koha Library Software is a library automation system. Vulnerability description: Positive Research Center detected XSS in Koha Library Software. The application insufficiently verifies incoming data from users in the following scripts: opac-downloadcart.pl, opac-addbybiblionumber.pl, opac-downloadshelf.pl...

6.8 AI score
Exploits: 0, References: 3