Yordam Library Automation System 安全漏洞

Yordam Library Automation System is an application from Yordam, Inc. A security vulnerability exists in Yordam Library Automation System versions prior to 20.1, which stems from an improperly restricted over-authentication attempt vulnerability that allows interface manipulation...

PT-2024-37078 · Unknown · Yordam Library Automation System

Name of the Vulnerable Software and Affected Versions: Yordam Library Automation System versions prior to 20.1 Description: The issue affects the Yordam Library Automation System, allowing interface manipulation due to improper restriction of excessive authentication attempts. This can lead to...

PT-2024-22550 · Koha Ils · Koha Ils

Name of the Vulnerable Software and Affected Versions: Koha ILS versions 23.05 and earlier Description: The issue allows a remote attacker to execute arbitrary code via a crafted script to the format parameter. Recommendations: For versions 23.05 and earlier, update to a version that contains a f...

CASAP Automated Enrollment 安全漏洞

CASAP Automated Enrollment is an automated enrollment system for the CASAP organization in the United States. The purpose of this project is to provide an automated enrollment system for CASAP to streamline the process for schools and make it more effective, efficient, and easily retrievable. A...

CVE-2024-33294

An issue in Library System using PHP/MySQli with Source Code V1.0 allows a remote attacker to execute arbitrary code via the FAILE variable in the studenteditphoto.php component...

CVE-2024-33294

CVE-2024-33294 pertains to the Library System (PHP/MySQLi) v1.0, where a flaw in the file component student_edit_photo.php allows a remote attacker to execute arbitrary code via the _FAILE variable. The CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) indicates a network-exposed, unauthentic...

Library System 安全漏洞

Library System is a library management system by nurhodelta17 individual developer. A security vulnerability exists in Library System version V1.0. A remote attacker can exploit this vulnerability to execute arbitrary code via the FAILE variable in the Studenteditphoto.php component...

CVE-2024-33294

An issue in Library System using PHP/MySQli with Source Code V1.0 allows a remote attacker to execute arbitrary code via the FAILE variable in the studenteditphoto.php component...

CVE-2024-33294

An issue in Library System using PHP/MySQli with Source Code V1.0 allows a remote attacker to execute arbitrary code via the FAILE variable in the studenteditphoto.php component...

PT-2024-25190 · Unknown · Library System

Name of the Vulnerable Software and Affected Versions: Library System version V1.0 Description: An issue in the Library System allows a remote attacker to execute arbitrary code via the FAILE variable in the student edit photo.php component. Recommendations: For Library System version V1.0,...

CVE-2024-3365

A vulnerability was found in SourceCodester Online Library System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file admin/users/controller.php. The manipulation of the argument username leads to cross site scripting. The attack may be initiated remotely...

CVE-2024-3365 SourceCodester Online Library System controller.php cross site scripting

A vulnerability was found in SourceCodester Online Library System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file admin/users/controller.php. The manipulation of the argument username leads to cross site scripting. The attack may be initiated remotely...

CVE-2024-3365

CVE-2024-3365 affects SourceCodester Online Library System 1.0. The vulnerability lies in the admin/users/controller.php file, where manipulation of the user_name argument enables a cross-site scripting (XSS) flaw. The issue is exploitable remotely and public exploits have been disclosed. Several...

CVE-2024-3365 SourceCodester Online Library System controller.php cross site scripting

A vulnerability was found in SourceCodester Online Library System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file admin/users/controller.php. The manipulation of the argument username leads to cross site scripting. The attack may be initiated remotely...

CVE-2024-3364

A vulnerability was found in SourceCodester Online Library System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/books/index.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The explo...

CVE-2024-3364

A vulnerability was found in SourceCodester Online Library System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/books/index.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The explo...

CVE-2024-3363

A vulnerability was found in SourceCodester Online Library System 1.0. It has been classified as critical. This affects an unknown part of the file admin/borrowed/index.php. The manipulation of the argument BookPublisher/BookTitle leads to sql injection. It is possible to initiate the attack...

CVE-2024-3363

A vulnerability was found in SourceCodester Online Library System 1.0. It has been classified as critical. This affects an unknown part of the file admin/borrowed/index.php. The manipulation of the argument BookPublisher/BookTitle leads to sql injection. It is possible to initiate the attack...

CVE-2024-3364 SourceCodester Online Library System index.php cross site scripting

A vulnerability was found in SourceCodester Online Library System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/books/index.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The explo...

CVE-2024-3364 SourceCodester Online Library System index.php cross site scripting

A vulnerability was found in SourceCodester Online Library System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/books/index.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The explo...