888 matches found
Slims9 Bulian 9.4.2 - SQL Injection
Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be obtained. id: CVE-2021-45793 info: name: Slims9 Bulian 9.4.2 - SQL Injection author: nblirwn severity: high description: | Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data c...
CVE-2026-42052
Beets is the media library management system. Prior to version 2.10.0, the bundled web UI uses Underscore template interpolation mode for untrusted metadata fields. In this runtime, is raw insertion and HTML escaping is only performed by . Rendered output is then inserted with .html..., allowing...
[SECURITY] Fedora 44 Update: calibre-9.6.0-1.fc44
Calibre is meant to be a complete e-library solution. It includes library management, format conversion, news feeds to ebook conversion as well as e-book reader sync features. Calibre is primarily a ebook cataloging program. It manages your ebook collection for you. It is designed around the...
CVE-2026-6000
A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...
EUVD-2026-21282
A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...
CVE-2026-6000
CVE-2026-6000 affects code-projects Online Library Management System 1.0, specifically the SQL Database Backup File Handler component handling the file /sql/library.sql. A manipulation of an unknown function leads to information disclosure. The vulnerability allows a remote attacker to access sen...
CVE-2026-6000 code-projects Online Library Management System SQL Database Backup File library.sql information disclosure
A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...
CVE-2026-6000 code-projects Online Library Management System SQL Database Backup File library.sql information disclosure
A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...
CVE-2026-6000
A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...
PT-2026-31857
Name of the Vulnerable Software and Affected Versions code-projects Online Library Management System version 1.0 Description A vulnerability exists in code-projects Online Library Management System 1.0 that may lead to information disclosure. The issue is related to a manipulation of an unknown...
Code-Projects Online Library Management System 访问控制错误漏洞
The Code-Projects Online Library Management System is an open-source online library management system developed by Code-Projects. Version 1.0 of the Code-Projects Online Library Management System contains a vulnerability related to access control. This vulnerability stems from incorrect operation...
Koha Library Management System 安全漏洞
Koha Library Management System is an open-source library automation system developed by Koha. Versions of the Koha Library Management System prior to 23.05.10 contained security vulnerabilities. These vulnerabilities stemmed from the improper handling of the POST parameter biblist, which could le...
EUVD-2026-14698
A vulnerability was detected in SourceCodester Online Library Management System 1.0. The impacted element is an unknown function of the file /home.php of the component Parameter Handler. Performing a manipulation of the argument searchField results in sql injection. The attack can be initiated...
CVE-2026-4624
A vulnerability was detected in SourceCodester Online Library Management System 1.0. The impacted element is an unknown function of the file /home.php of the component Parameter Handler. Performing a manipulation of the argument searchField results in sql injection. The attack can be initiated...
CVE-2026-4624 SourceCodester Online Library Management System Parameter home.php sql injection
A vulnerability was detected in SourceCodester Online Library Management System 1.0. The impacted element is an unknown function of the file /home.php of the component Parameter Handler. Performing a manipulation of the argument searchField results in sql injection. The attack can be initiated...
CVE-2026-4624
A vulnerability was detected in SourceCodester Online Library Management System 1.0. The impacted element is an unknown function of the file /home.php of the component Parameter Handler. Performing a manipulation of the argument searchField results in sql injection. The attack can be initiated...
Alienor Web Libre SQL注入漏洞
Alienor Web Libre is a library management system developed by the Alienor company. Version 2.0 of Alienor Web Libre contains a SQL injection vulnerability. This vulnerability stems from the identifiant parameter in the index.php file, which allows for SQL injections, potentially enabling the...
CVE-2025-12707
The Library Management System plugin for WordPress is vulnerable to SQL Injection via the 'bid' parameter in all versions up to, and including, 3.2.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...
WordPress Library Management System plugin <= 3.2.1 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by WordFence in WordPress Plugin Library Management System versions = 3.2.1...
CVE-2025-12707
The Library Management System plugin for WordPress is vulnerable to SQL Injection via the 'bid' parameter in all versions up to, and including, 3.2.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...