302 matches found
LibLime Koha <= 4.2 - Local File Inclusion Vulnerability
No description provided by source. Exploit Title: Koha Opac Local File Inclusion Google Dork: inurl:koha/opac-main.pl Date: 17.11.2011 Author: Akin TosunlarVigasis Labs Software Link: www.koha.org Version: 4.2 Tested on: LinuxApache 2.2.14 CVE : Vigasis Pentest Team www.vigasis.com 0-Day Exploit...
Koha Multiple Vulnerabilities (Feb 2014) - Active Check
Koha is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:koha:koha"; if description...
CVE-2014-1626
XML External Entity XXE vulnerability in MARC::File::XML module before 1.0.2 for Perl, as used in Evergreen, Koha, perl4lib, and possibly other products, allows context-dependent attackers to read arbitrary files via a crafted XML file...
Xxe
XML External Entity XXE vulnerability in MARC::File::XML module before 1.0.2 for Perl, as used in Evergreen, Koha, perl4lib, and possibly other products, allows context-dependent attackers to read arbitrary files via a crafted XML file...
CVE-2014-1626
XML External Entity XXE vulnerability in MARC::File::XML module before 1.0.2 for Perl, as used in Evergreen, Koha, perl4lib, and possibly other products, allows context-dependent attackers to read arbitrary files via a crafted XML file...
UBUNTU-CVE-2014-1626
XML External Entity XXE vulnerability in MARC::File::XML module before 1.0.2 for Perl, as used in Evergreen, Koha, perl4lib, and possibly other products, allows context-dependent attackers to read arbitrary files via a crafted XML file...
CVE-2014-1626
XML External Entity XXE vulnerability in MARC::File::XML module before 1.0.2 for Perl, as used in Evergreen, Koha, perl4lib, and possibly other products, allows context-dependent attackers to read arbitrary files via a crafted XML file...
CVE-2014-1626
XML External Entity XXE vulnerability in MARC::File::XML module before 1.0.2 for Perl, as used in Evergreen, Koha, perl4lib, and possibly other products, allows context-dependent attackers to read arbitrary files via a crafted XML file...
Koha 'help.pl' Remote File Include Vulnerability
Koha is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or execute arbitrary script code in the context of the webserver process. This may allow the...
Koha RFI Vulnerability (Jul 2011) - Active Check
Koha is prone to a remote file include RFI vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2011-4715
Directory traversal vulnerability in cgi-bin/koha/mainpage.pl in Koha 3.4 before 3.4.7 and 3.6 before 3.6.1, and LibLime Koha 4.2 and earlier allows remote attackers to read arbitrary files via a .. dot dot in the KohaOpacLanguage cookie to cgi-bin/opac/opac-main.pl, related to Output.pm...
Directory traversal
Directory traversal vulnerability in cgi-bin/koha/mainpage.pl in Koha 3.4 before 3.4.7 and 3.6 before 3.6.1, and LibLime Koha 4.2 and earlier allows remote attackers to read arbitrary files via a .. dot dot in the KohaOpacLanguage cookie to cgi-bin/opac/opac-main.pl, related to Output.pm...
CVE-2011-4715
CVE-2011-4715 affects Koha and LibLime Koha prior to updates: a directory traversal/ local file inclusion flaw in cgi-bin/koha/mainpage.pl related to the KohaOpacLanguage cookie can allow reading arbitrary files via the cookie to cgi-bin/opac/opac-main.pl (Output.pm). Affected versions: Koha 3.4 ...
CVE-2011-4715
Directory traversal vulnerability in cgi-bin/koha/mainpage.pl in Koha 3.4 before 3.4.7 and 3.6 before 3.6.1, and LibLime Koha 4.2 and earlier allows remote attackers to read arbitrary files via a .. dot dot in the KohaOpacLanguage cookie to cgi-bin/opac/opac-main.pl, related to Output.pm...
Koha < 3.4.2 Multiple XSS Vulnerabilities - Active Check
Koha is prone to multiple cross-site scripting XSS vulnerabilities. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Koha < 4.5 Build 4500 LFI Vulnerability - Active Check
Koha is prone to local file inclusion LFI vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:koha:koha"; ifdescriptio...
LibLime Koha 4.2 - Local File Inclusion
LibLime Koha 4.2 - Local File Inclusion Exploit Title: Koha Opac Local File Inclusion Google Dork: inurl:koha/opac-main.pl Date: 17.11.2011 Author: Akin TosunlarVigasis Labs Software Link: www.koha.org Version: 4.2 Tested on: LinuxApache 2.2.14 CVE : Vigasis Pentest Team www.vigasis.com 0-Day...
LibLime Koha 4.2 Local File Inclusion
Exploit Title: Koha Opac Local File Inclusion Google Dork: inurl:koha/opac-main.pl Date: 17.11.2011 Author: Akin TosunlarVigasis Labs Software Link: www.koha.org Version: 4.2 Tested on: LinuxApache 2.2.14 CVE : Vigasis Pentest Team www.vigasis.com 0-Day Exploit Akin Tosunlar Special Thanks to Ozg...
LibLime Koha 4.2 - Local File Inclusion
Exploit Title: Koha Opac Local File Inclusion Google Dork: inurl:koha/opac-main.pl Date: 17.11.2011 Author: Akin TosunlarVigasis Labs Software Link: www.koha.org Version: 4.2 Tested on: LinuxApache 2.2.14 CVE : Vigasis Pentest Team www.vigasis.com 0-Day Exploit Akin Tosunlar Special Thanks to Ozg...
LibLime Koha <= 4.2 Local File Inclusion Vulnerability
Exploit for cgi platform in category web applications Exploit Title: Koha Opac Local File Inclusion Google Dork: inurl:koha/opac-main.pl Date: 17.11.2011 Author: Akin TosunlarVigasis Labs Software Link: www.koha.org Version: 4.2 Tested on: LinuxApache 2.2.14 CVE : Vigasis Pentest Team...