2 matches found
CVE-2014-1922
Absolute path traversal vulnerability in tools/pdfViewer.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 allows remote attackers to read arbitrary files via unspecified vectors...
CVE-2014-1922
Koha’s pdfViewer.pl contains an absolute path traversal vulnerability affecting Koha releases up to 3.8.22, 3.10.x up to 3.10.12, 3.12.x up to 3.12.9, and 3.14.x up to 3.14.2. The flaw allows remote attackers to read arbitrary files via unspecified vectors. Attack is network-based with no authent...