Lucene search
+L

909 matches found

Nuclei
Nuclei
added yesterday49 views

Slims9 Bulian 9.4.2 - SQL Injection

Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be obtained. id: CVE-2021-45793 info: name: Slims9 Bulian 9.4.2 - SQL Injection author: nblirwn severity: high description: | Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data c...

7.5CVSS7AI score0.04637EPSS
Exploits1References2
Fedora
Fedora
added 3 days ago8 views

[SECURITY] Fedora 43 Update: calibre-9.11.0-1.fc43

Calibre is meant to be a complete e-library solution. It includes library management, format conversion, news feeds to ebook conversion as well as e-book reader sync features. Calibre is primarily a ebook cataloging program. It manages your ebook collection for you. It is designed around the...

8.5CVSS6.1AI score0.00197EPSS
Exploits0
Fedora
Fedora
added 3 days ago8 views

[SECURITY] Fedora 44 Update: calibre-9.11.0-1.fc44

Calibre is meant to be a complete e-library solution. It includes library management, format conversion, news feeds to ebook conversion as well as e-book reader sync features. Calibre is primarily a ebook cataloging program. It manages your ebook collection for you. It is designed around the...

8.5CVSS6.1AI score0.00197EPSS
Exploits0
NVD
NVD
added 4 days ago5 views

CVE-2026-12582

The Library Management System WordPress plugin before 3.5.8 does not sanitize and escape a user-supplied parameter before using it in a SQL statement, allowing unauthenticated attackers to perform SQL injection and extract arbitrary data from the database, including user password hashes...

8.6CVSS0.00262EPSS
Exploits0References1
CVE
CVE
added 4 days ago12 views

CVE-2026-12582

CVE-2026-12582 affects the Library Management System WordPress plugin where versions prior to 3.5.8 fail to sanitize and escape a user-supplied parameter used in a SQL statement. This permits unauthenticated attackers to perform SQL injection and exfiltrate data from the database, including user ...

8.6CVSS6.2AI score0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-12582 Library Management System < 3.5.8 - Unauthenticated SQL Injection via book_id

The Library Management System WordPress plugin before 3.5.8 does not sanitize and escape a user-supplied parameter before using it in a SQL statement, allowing unauthenticated attackers to perform SQL injection and extract arbitrary data from the database, including user password hashes...

0.00262EPSS
Exploits0References1
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-307 calibre-web is vulnerable to Business Logic Errors

calibre-web is vulnerable to Business Logic Errors...

9.8CVSS7.1AI score0.01375EPSS
Exploits1References6
NVD
NVD
added 2026/06/26 10:16 p.m.11 views

CVE-2026-50765

A stored cross-site scripting XSS vulnerability in the patron restriction type administration page of Koha Library Management System 0 through 25.11 versions allow an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the restriction type label...

6.1CVSS0.0022EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 3:16 p.m.8 views

CVE-2026-56034

Unauthenticated SQL Injection in Library Management System = 3.5.7 versions...

9.3CVSS0.00291EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.17 views

CVE-2026-56034

The CVE concerns the WordPress Library Management System plugin (versions

9.3CVSS5.8AI score0.00291EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.7 views

EUVD-2026-39697

Unauthenticated SQL Injection in Library Management System = 3.5.7 versions...

9.3CVSS5.8AI score0.00291EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.37 views

CVE-2026-56034 WordPress Library Management System plugin <= 3.5.7 - SQL Injection vulnerability

Unauthenticated SQL Injection in Library Management System = 3.5.7 versions...

9.3CVSS0.00291EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.12 views

PT-2026-52981

Name of the Vulnerable Software and Affected Versions Koha Library Management System versions 0 through 25.11 Description A stored cross-site scripting XSS issue exists in the patron restriction type administration page. An authenticated remote attacker with administrator privileges can inject...

6.1CVSS5.8AI score0.0022EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/06/26 12:0 a.m.7 views

CVE-2026-50767

A stored cross-site scripting XSS vulnerability in the item type administration page of Koha Library Management System 0 through 25.11 versions allow an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the item type check-in message field checkinmsg...

5.8AI score0.00196EPSS
Exploits1References2
OSV
OSV
added 2026/06/26 12:0 a.m.3 views

CVE-2026-50767

A stored cross-site scripting XSS vulnerability in the item type administration page of Koha Library Management System 0 through 25.11 versions allow an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the item type check-in message field checkinmsg...

5.4CVSS5.9AI score0.00196EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/26 12:0 a.m.26 views

CVE-2026-50765

A stored cross-site scripting XSS vulnerability in the patron restriction type administration page of Koha Library Management System 0 through 25.11 versions allow an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the restriction type label...

0.0022EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.16 views

PT-2026-52750

Name of the Vulnerable Software and Affected Versions Library Management System versions prior to 3.5.8 Description An unauthenticated SQL Injection exists in the system, allowing an attacker to execute arbitrary SQL commands without providing credentials. Recommendations Update to a version newe...

9.3CVSS6.1AI score0.00291EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/06/23 12:30 p.m.9 views

WordPress Library Management System plugin <= 3.5.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Benedictus Jovan aillesim/eneri in WordPress Plugin Library Management System versions = 3.5.7...

9.3CVSS6AI score0.00291EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.18 views

CVE-2026-6000

A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...

5.3CVSS5.2AI score0.00259EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/04 6:16 p.m.12 views

CVE-2026-42052

Beets is the media library management system. Prior to version 2.10.0, the bundled web UI uses Underscore template interpolation mode for untrusted metadata fields. In this runtime, is raw insertion and HTML escaping is only performed by . Rendered output is then inserted with .html..., allowing...

6CVSS5.7AI score0.003EPSS
Exploits0References2
Rows per page
Query Builder