7 matches found
Scilico I, Librarian Cross-Site Request Forgery Vulnerability
Scilico I, Librarian is the United States Scilico company a set of online PDF document management system. A cross-site request forgery vulnerability exists in the users.php file in Scilico I, Librarian 4.8 and earlier versions. A remote attacker could exploit this vulnerability to change the...
Scilico I, Librarian 'id' Parameter Cross-Site Scripting Vulnerability
Scilico I, Librarian is the United States Scilico company a set of online PDF document management system. A cross-site scripting vulnerability exists in the 'id' parameter of the stable.php file in Scilico I, Librarian 4.8 and earlier versions. A remote attacker can exploit this vulnerability to...
Scilico I, Librarian server-side request forgery vulnerability (CNVD-2018-06447)
Scilico I, Librarian is the United States Scilico company a set of online PDF document management system. A security vulnerability exists in the 'url' parameter of getFromWeb in the functions.php file in Scilico I, Librarian 4.8 and earlier versions. An attacker can exploit this vulnerability to...
I, Librarian Catalog Enumeration Vulnerability
Scilico I, Librarian is the United States Scilico company a set of online PDF document management system. A security vulnerability exists in the jqueryFileTree.php file in Scilico I, Librarian versions 4.6 and earlier and 4.7. An attacker can exploit the vulnerability to enumerate directories...
Scilico I, Librarian Server-Side Request Forgery Vulnerability
Scilico I, Librarian is the United States Scilico's set of online PDF document management system. Scilico I,Librarian 4.6 and earlier versions and 4.7 version of the ajaxsupplement.php file there is a server-side request forgery vulnerability. An attacker could exploit this vulnerability to reset...
I, Librarian OS Command Injection Vulnerability
Scilico I, Librarian is the United States Scilico company a set of online PDF document management system. An operating system command injection vulnerability exists in the batchimport.php file in Scilico I, Librarian versions 4.6 and earlier and 4.7. An attacker can exploit the vulnerability to...
I, Librarian Reflective Cross-Site Scripting Vulnerability
Scilico I, Librarian is the United States Scilico company a set of online PDF document management system. A cross-site scripting vulnerability exists in the temp.php file in Scilico I, Librarian versions 4.6 and earlier and 4.7. A remote attacker can exploit the vulnerability to inject malicious...