2 matches found
Sql injection
SQL injection vulnerability in the MARC framework import/export function admin/importexportframework.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE:...
CVE-2014-1924
The CVE-2014-1924 entry affects Koha’s MARC framework import/export function (admin/import_export_framework.pl). The vulnerability occurs in Koha versions before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3, where the import/export interface does not require auth...