2 matches found
Koha SQL Injection Vulnerability
Koha is a Koha organization's system for automated library management and site building. A security vulnerability exists in Koha Library Software version 23.0.5.04 and earlier that could allow a remote attacker to obtain sensitive information via Intranet/cgi bin/cataloging/ysearch.pl...
PT-2023-29323 · Unknown · Koha Library
Name of the Vulnerable Software and Affected Versions: Koha Library Software versions 23.0.5.04 and before Description: The issue allows a remote attacker to obtain sensitive information via the "intranet/cgi-bin/cataloging/ysearch.pl" component. This is a SQL Injection vulnerability...