4 matches found
CVE-2024-8679
creationtimestamp| type| source ---|---|--- 2024-12-07 02:44:51+00:00| seen| https://infosec.exchange/users/cve/statuses/113609244057118127 2024-12-07 04:10:40+00:00| seen| https://t.me/cvedetector/12301...
CVE-2024-8679
The Library Management System – Manage e-Digital Books Library plugin for WordPress is vulnerable to SQL Injection via the ‘value' parameter of the owtlibhandler AJAX action in all versions up to, and including, 3.1 due to insufficient escaping on the user supplied parameter and lack of sufficien...
CVE-2024-8679
CVE-2024-8679 affects the Library Management System WordPress plugin (Library Management System) up to version 3.0.0. It allows SQL Injection via the value parameter of the owt_lib_handler AJAX action. The flaw arises from insufficient escaping and lack of proper query preparation, enabling an au...
CVE-2024-8679 Library Management System <= 3.1 - Authenticated (Admin+) SQL Injection
The Library Management System – Manage e-Digital Books Library plugin for WordPress is vulnerable to SQL Injection via the ‘value' parameter of the owtlibhandler AJAX action in all versions up to, and including, 3.1 due to insufficient escaping on the user supplied parameter and lack of sufficien...