3 matches found
The vulnerability of the members/moremember.pl and admin/aqbudgets.pl components of the Koha library process automation software allows a hacker to execute arbitrary commands.
The vulnerability of the members/moremember.pl and admin/aqbudgets.pl components of the Koha library process automation software is related to the absence of a mechanism to neutralize these elements in the CSV file. Exploiting this vulnerability allows a remote attacker to execute arbitrary DDE...
PT-2024-3869 · Unknown · Library Management System
Name of the Vulnerable Software and Affected Versions: Koha Library Management System versions 23.05.05 and earlier Description: The issue is related to a lack of neutralization of elements in a CSV file, affecting the components members/moremember.pl and admin/aqbudgets.pl. This allows a remote...
CVE-2022-44140
Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /Member/memberedit.html component...