7 matches found
CVE-2024-36058
The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...
EUVD-2024-55539
The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...
CVE-2024-36058
The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...
CVE-2024-36058
The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...
PT-2026-30881
The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter bib list in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...
CVE-2024-36058
CVE-2024-36058 (Koha) is a time-based SQL injection affecting the Send Basket feature. Vulnerable in Koha Library before 23.05.10, the issue stems from unsanitized POST parameter bib_list in /cgi-bin/koha/opac-sendbasket.pl, enabling a library user to read arbitrary data from the database. Multip...
CVE-2024-36058
The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...