Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

142 matches found

RedhatCVE
RedhatCVEadded 2026/04/08 5:0 a.m.0 views

CVE-2024-36058

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

9.8CVSS6.1AI score0.00023EPSS
Exploits1References1
NVD
NVDadded 2026/04/07 5:16 p.m.0 views

CVE-2024-36058

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

9.8CVSS0.00023EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2026/04/07 12:0 a.m.0 views

PT-2026-30881

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter bib list in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

6.1AI score0.00023EPSS
Exploits1References5
CVE
CVEadded 2026/04/07 12:0 a.m.2 views

CVE-2024-36058

CVE-2024-36058 (Koha) is a time-based SQL injection affecting the Send Basket feature. Vulnerable in Koha Library before 23.05.10, the issue stems from unsanitized POST parameter bib_list in /cgi-bin/koha/opac-sendbasket.pl, enabling a library user to read arbitrary data from the database. Multip...

9.8CVSS6.1AI score0.00023EPSS
Exploits1References4
ATTACKERKB
ATTACKERKBadded 2026/04/07 12:0 a.m.2 views

CVE-2024-36058

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

6.1AI score0.00023EPSS
Exploits1References5
RedhatCVE
RedhatCVEadded 2025/11/27 4:59 p.m.2 views

CVE-2025-61167

SIGB PMB v8.0.1.14 was discovered to contain multiple SQL injection vulnerabilities in the /opaccss/ajaxselector.php component via the id and datas parameters...

6.5CVSS8.4AI score0.00029EPSS
Exploits0References1
EUVD
EUVDadded 2025/11/25 9:32 p.m.2 views

EUVD-2025-199634

SIGB PMB v8.0.1.14 was discovered to contain multiple SQL injection vulnerabilities in the /opaccss/ajaxselector.php component via the id and datas parameters...

6.5CVSS7.9AI score0.00029EPSS
Exploits0References5
OSV
OSVadded 2025/11/25 7:15 p.m.0 views

CVE-2025-61167

SIGB PMB v8.0.1.14 was discovered to contain multiple SQL injection vulnerabilities in the /opaccss/ajaxselector.php component via the id and datas parameters...

6.5CVSS5.8AI score0.00029EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/11/25 12:0 a.m.2 views

PT-2025-48069

Name of the Vulnerable Software and Affected Versions SIGB PMB version 8.0.1.14 Description The software contains multiple SQL injection flaws in the /opac css/ajax selector.php component. These flaws are triggered through the id and datas parameters. The component is susceptible to manipulation...

6.5CVSS7.6AI score0.00029EPSS
Exploits0References8
CNNVD
CNNVDadded 2025/11/25 12:0 a.m.2 views

SIGB PMB 安全漏洞

SIGB PMB is an open source integrated library management system from SIGB. A security vulnerability exists in SIGB PMB version v8.0.1.14, which stems from improper handling of the parameters id and datas in the component /opaccss/ajaxselector.php, which could lead to a SQL injection attack...

6.5CVSS7.7AI score0.00029EPSS
Exploits0References5
CVE
CVEadded 2025/11/25 12:0 a.m.3 views

CVE-2025-61167

SIGB PMB v8.0.1.14 contains multiple SQL injection vulnerabilities in the /opac_css/ajax_selector.php component, exploitable via the id and datas parameters. Root cause: improper handling of user-supplied input in that endpoint allows SQL commands to be injected, potentially leading to unauthoriz...

6.5CVSS8.1AI score0.00029EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2015-3388

Malware in sbrugna...

6.8CVSS6.4AI score0.00142EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2015-4652

Malware in sbrugna...

9.8CVSS9.3AI score0.0369EPSS
Exploits8References12
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2018-13853

Malware in sbrugna...

4CVSS4.6AI score0.00144EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2018-9181

Malware in sbrugna...

9.8CVSS9.5AI score0.01411EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-47208

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.02095EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/09/17 1:2 p.m.7 views

CVE-2025-10592 itsourcecode Online Public Access Catalog OPAC POST Parameter mysearch.php sql injection

A security vulnerability has been detected in itsourcecode Online Public Access Catalog OPAC 1.0. This impacts an unknown function of the file mysearch.php of the component POST Parameter Handler. Such manipulation of the argument searchfield/searchtext leads to sql injection. The attack may be...

6.5CVSS0.00058EPSS
Exploits1References5
CNNVD
CNNVDadded 2025/09/17 12:0 a.m.1 views

itsourcecode Online Public Access Catalog OPAC SQL注入漏洞

itsourcecode Online Public Access Catalog OPAC is an online public access catalog of itsourcecode open source. A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Public Access Catalog OPAC, which stems from incorrect manipulation of the parameters searchfield and searchtex...

8.8CVSS6.9AI score0.00058EPSS
Exploits1References5
RedhatCVE
RedhatCVEadded 2025/05/23 8:34 a.m.8 views

CVE-2024-6050

Improper Neutralization of Input During Web Page Generation vulnerability in SOKRATES-software SOWA OPAC allows a Reflected Cross-Site Scripting XSS. An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects SOWA OPAC...

6.1CVSS6.3AI score0.02095EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/01/28 12:0 a.m.2 views

PT-2025-2793 · Autolib Software Systems · Autolib Software Systems Opac

Name of the Vulnerable Software and Affected Versions: AutoLib Software Systems OPAC version 20.10 Description: The issue concerns exposed API keys within the source code. Attackers may use these keys to access the backend API or other sensitive information. Recommendations: For AutoLib Software...

7.5CVSS7.2AI score0.00203EPSS
Exploits1References5
Rows per page
Query Builder