45 matches found
Unrestricted file upload
File Upload vulnerability in Koha Library Software 23.05.04 and before allows a remote attacker to read arbitrary files via the upload-cover-image.pl component...
Koha Code Issue Vulnerability
Koha is the Koha organization's system for building automated library management websites. A security vulnerability exists in Koha Library Software version 23.0.5.04 and earlier that could allow a remote attacker to read arbitrary files via the upload-cover-image.pl component...
CVE-2023-44961
SQL Injection vulnerability in Koha Library Software 23.0.5.04 and before allows a remote attacker to obtain sensitive information via the intranet/cgi-bin/cataloging/ysearch.pl component...
CVE-2023-44962
File Upload vulnerability in Koha Library Software 23.05.04 and before allows a remote attacker to read arbitrary files via the upload-cover-image.pl component...
CVE-2023-44962
CVE-2023-44962 affects Koha Library Software versions 23.05.04 and earlier. The root cause is lack of filtering of the client-supplied path in the upload-cover-image.pl component, enabling an attacker to read arbitrary files. The PT-2023-5947 advisory adds detail: exploitation can involve uploadi...
CVE-2023-44961
Koha Library Software (version 23.0.5.04 and earlier) is affected by a SQL Injection in the intranet/cgi-bin/cataloging/ysearch.pl component. The underlying issue allows a remote attacker to obtain sensitive information. The CVE is described across multiple sources as a SQL injection vulnerabilit...
BELL-CVE-2022-41716 CVE-2022-41716 does not affect BellSoft software
Bulletin has no description...
UBUNTU-CVE-2022-40157
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
Koha Detection (HTTP)
HTTP based detection of Koha Library Software. Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
Piwigo SQL Injection Vulnerability (CNVD-2021-100297)
Piwigo is a set of Web-based open source image library software. Piwigo v11.5 contains a security vulnerability in /admin/batchmanagerglobal.php in which the parameter pwgtoken is not sufficiently escaped and filtered. No details of the vulnerability are available at this time...
CVE-2021-42699
The affected product is vulnerable to cookie information being transmitted as cleartext over HTTP. An attacker can capture network traffic, obtain the user’s cookie and take over the account...
ParantezTeknoloji Library Software 16.0519000 Open Redirection
Exploit Title : ParantezTeknoloji Library Software 16.0519000 Open Redirection Vulnerability Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 04/10/2019 Vendor Homepage : parantezteknoloji.com.tr Software Affected Versions and Download Links : Koha 3.2000000...
Devinim Library Software 19.0504000 Open Redirection
Exploit Title : Devinim Library Software 19.0504000 Open Redirection Vulnerability Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 04/10/2019 Vendor Homepage : devinim.com.tr Software Affected Versions and Download Links : Koha 16.1104000...
Koha Library Software 18.1106000 Open Redirection
Exploit Title : Koha Library Software 18.1106000 Tracklinks Open Redirection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 19/06/2019 Vendor Homepage : koha.org - koha-community.org Software Download Link : download.koha-community.org...
BELL-CVE-2015-3196 CVE-2015-3196 does not affect BellSoft software
Bulletin has no description...
Ganesha Digital Library 4.0 Multiple Vulnerabilities
Exploit for php platform in category web applications. Ganesha Digital Library 4.0 Multiple Vulnerabilities...
libmodplug library multiple security vulnerabilities
Memory corruptions on different media formats...
[PT-2011-05] Cross-Site Scripting in Koha Library Software
PT-2011-05 Positive Technologies Security Advisory: Cross-Site Scripting in Koha Library Software. Vulnerable software: Koha Library Software version 3.2....