8 matches found
CVE-2025-10592
A security vulnerability has been detected in itsourcecode Online Public Access Catalog OPAC 1.0. This impacts an unknown function of the file mysearch.php of the component POST Parameter Handler. Such manipulation of the argument searchfield/searchtext leads to sql injection. The attack may be...
CVE-2025-10592
A security vulnerability has been detected in itsourcecode Online Public Access Catalog OPAC 1.0. This impacts an unknown function of the file mysearch.php of the component POST Parameter Handler. Such manipulation of the argument searchfield/searchtext leads to sql injection. The attack may be...
CVE-2025-10592
CVE-2025-10592 affects itsourcecode Online Public Access Catalog OPAC 1.0. the vulnerability resides in the mysearch.php POST Parameter Handler where manipulating search_field/search_text enables SQL injection. exploitation appears remote and publicly disclosed; multiple sources corroborate an SQ...
AutoLib Software Systems OPAC 安全漏洞
AutoLib Software Systems OPAC is a library management software from AutoLib Software Systems. A security vulnerability exists in AutoLib Software Systems OPAC version v20.10, which stems from the exposure of multiple API keys in the code. An attacker could use these keys to access back-end APIs o...
CVE-2022-42991
A stored cross-site scripting XSS vulnerability in Simple Online Public Access Catalog v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit Account Full Name field...
Logic flaw vulnerability in OPAC system of Beijing Chuangxun Future Software Technology Co.
OPAC system is a digital resource remote management system, commonly used in various university libraries and social libraries. There is a logic flaw vulnerability in the OPAC system of Beijing Chuangxun Future Software Technology Co., Ltd, which can be exploited by attackers to obtain sensitive...
CVE-2018-15869
An Amazon Web Services AWS developer who does not specify the --owners flag when describing images via AWS CLI, and therefore not properly validating source software per AWS recommended security best practices, may unintentionally load an undesired and potentially malicious Amazon Machine Image A...
CVE-2018-15869
An Amazon Web Services AWS developer who does not specify the --owners flag when describing images via AWS CLI, and therefore not properly validating source software per AWS recommended security best practices, may unintentionally load an undesired and potentially malicious Amazon Machine Image A...