MINI-MR52-F2FW-WJFH

Bulletin has no description...

CVE-2026-44776

Kavita is a cross platform reading server. Prior to 0.9.0, the download, size-check, and chapter metadata endpoints do not enforce library-level authorization. A low-privileged user who knows or guesses a chapterId, volumeId, or seriesId belonging to a library they are not assigned to can downloa...

ECHO-D755-4269-58CC

Bulletin has no description...

CGA-R6XQ-884F-3MGW

Bulletin has no description...

CVE-2018-25204

The CVE-2018-25204 entry describes an SQL injection in Library CMS 1.0 where unauthenticated attackers can bypass authentication by injecting SQL into the username field of the admin login. The vulnerability stems from improper handling of the username input, allowing boolean-based blind SQL payl...

Code injection

3S-Smart Software Solutions GmbH CODESYS V3 Library Manager, all versions prior to 3.5.16.0, allows the system to display active library content without checking its validity, which may allow the contents of manipulated libraries to be displayed or executed. The issue also exists for source...

Library CMS Cross-Site Scripting Vulnerability

Library CMS is a library category display platform. A cross-site scripting vulnerability exists in KAASoft Library CMS version 2.1.1. The vulnerability can be exploited by remote attackers to inject arbitrary web script or HTML via the 'title' parameter...