Lucene search
K

23 matches found

RedhatCVE
RedhatCVE
added 2026/04/08 5:0 a.m.7 views

CVE-2024-36058

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

9.8CVSS6.1AI score0.00478EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/07 6:31 p.m.3 views

EUVD-2024-55539

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

6.1AI score0.00478EPSS
Exploits1References5
NVD
NVD
added 2026/04/07 5:16 p.m.3 views

CVE-2024-36058

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

9.8CVSS0.00478EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/07 12:0 a.m.3 views

CVE-2024-36058

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

6.1AI score0.00478EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.4 views

PT-2026-30881

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter bib list in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

6.1AI score0.00478EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/07 12:0 a.m.3 views

CVE-2024-36058

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

6.1AI score0.00478EPSS
Exploits1References4
CVE
CVE
added 2026/04/07 12:0 a.m.8 views

CVE-2024-36058

CVE-2024-36058 (Koha) is a time-based SQL injection affecting the Send Basket feature. Vulnerable in Koha Library before 23.05.10, the issue stems from unsanitized POST parameter bib_list in /cgi-bin/koha/opac-sendbasket.pl, enabling a library user to read arbitrary data from the database. Multip...

9.8CVSS6.1AI score0.00478EPSS
Exploits1References4
OSV
OSV
added 2026/04/07 12:0 a.m.1 views

CVE-2024-36058

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

9.8CVSS6.2AI score0.00478EPSS
Exploits1References6
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-9822 Malicious code in @zalastax/nolb-_bib (npm)

The package @zalastax/nolb-bib was found to contain malicious code...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/11/26 5:32 a.m.6 views

bib-port-royal.com Improper Access Control vulnerability OBB-3794152

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/05/27 4:5 p.m.14 views

bib-bop.org Cross Site Scripting vulnerability OBB-3365515

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/02/21 5:33 a.m.16 views

jaeren.bib.no Cross Site Scripting vulnerability OBB-3199623

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/09/09 10:48 p.m.38 views

sbaoz2.bib-bvb.de Cross Site Scripting vulnerability OBB-1319175

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/09/09 10:16 p.m.8 views

bib-sisis.bib.hochschule-bonn-rhein-sieg.de Cross Site Scripting vulnerability OBB-1319113

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/08/14 11:36 a.m.7 views

bib-fmp.um5.ac.ma Cross Site Scripting vulnerability OBB-1260031

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
GoogleProjectZero
GoogleProjectZero
added 2020/01/30 12:0 a.m.41 views

Part II: Returning to Adobe Reader symbols on macOS

Posted by Mateusz Jurczyk, Project Zero In a blog post titled "The story of Adobe Reader symbols" published in October 2019, I presented an analysis of the debug symbols shipped with some older versions of Adobe Reader for Unix-family systems released between 1997-2013. Such symbols can prove...

9.8CVSS9.1AI score0.35366EPSS
Exploits3
Openbugbounty
Openbugbounty
added 2018/12/22 1:55 a.m.6 views

bib-bop.org XSS vulnerability

Open Bug Bounty ID: OBB-713272 Description| Value ---|--- Affected Website:| bib-bop.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden unti...

0.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/02/02 8:43 p.m.17 views

bib-hoegaarden.be XSS vulnerability

Open Bug Bounty ID: OBB-551983 Description| Value ---|--- Affected Website:| bib-hoegaarden.be Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Ubuntu
Ubuntu
added 2010/05/06 1:13 p.m.60 views

USN-937-1: TeX Live vulnerabilities

It was discovered that TeX Live incorrectly handled certain long .bib bibliography files. If a user or automated system were tricked into processing a specially crafted bib file, an attacker could cause a denial of service via application crash. This issue only affected Ubuntu 8.04 LTS, 9.04 and...

6.8CVSS6AI score0.1192EPSS
Exploits3
seebug.org
seebug.org
added 2009/11/13 12:0 a.m.27 views

BibTeX '.bib' File Handling Memory Corruption Vulnerability

No description provided by source. Bugtraq ID: 34332 Class: Failure to Handle Exceptional Conditions Published: Apr 01 2009 12:00AM Updated: Nov 13 2009 03:46PM Credit: Vincent Lafevre Vulnerable: RedHat Linux 2.1 RedHat Fedora 9 0 RedHat Fedora 11 RedHat Fedora 10 RedHat Enterprise Linux WS 5...

7.1AI score
Exploits0
Rows per page
Query Builder