16 matches found
CVE-2026-26379
Koha versions up to 25.11 contain a Server-Side Request Forgery SSRF vulnerability via the Z39.50/SRU server configuration. This allows authenticated attackers to perform internal network scanning and identify running services by analyzing server response times...
PT-2026-46042
An issue in Koha v.25.11 and before allows a remote attacker to execute arbitrary code via the Z39.50 configuration module...
VulnCheck KEV: CVE-2023-24733
PMB v7.4.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the query parameter at /admin/convert/exportz3950new.php...
CVE-2023-24737
PMB v7.4.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the query parameter at /admin/convert/exportz3950.php...
CVE-2023-24733
PMB v7.4.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the query parameter at /admin/convert/exportz3950new.php...
z3950.de Cross Site Scripting vulnerability OBB-4041394
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-37177
SQL Injection vulnerability in PMB Services PMB v.7.4.7 and before allows a remote unauthenticated attacker to execute arbitrary code via the query parameter in the /admin/convert/exportz3950.php endpoint...
PMB SQL Injection Vulnerability
PMB is a 100% free document management reference tool from the PMB Services team. A SQL injection vulnerability exists in PMB version v.7.4.7 that originates from allowing an unauthenticated, remote attacker to execute arbitrary code via the query parameter in the /admin/convert/exportz3950.php...
CVE-2023-24737
PMB v7.4.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the query parameter at /admin/convert/exportz3950.php...
CVE-2023-24733
PMB v7.4.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the query parameter at /admin/convert/exportz3950new.php...
CVE-2023-24737
PMB v7.4.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the query parameter at /admin/convert/exportz3950.php...
CVE-2023-24733
PMB v7.4.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the query parameter at /admin/convert/exportz3950new.php...
PMB 跨站脚本漏洞
PMB is a 100% free document management reference tool from the PMB Services team. A security vulnerability exists in PMB version v7.4.6, which was discovered to contain a Reflected Cross-Site Scripting XSS vulnerability via the query parameter in /admin/convert/exportz3950.php...
PMB 跨站脚本漏洞
PMB is a 100% free document management reference tool from the PMB Services team. A security vulnerability exists in PMB v7.4.6, which stems from the discovery of a query parameter containing a Reflected Cross-Site Scripting XSS vulnerability via the query parameter in...
PT-2023-19761 · Pmb · Pmb
Name of the Vulnerable Software and Affected Versions: PMB version 7.4.6 Description: A reflected cross-site scripting XSS issue was found in PMB via the query parameter at "/admin/convert/export z3950.php". This allows for potential malicious script execution. Recommendations: For PMB version...
z3950.libris.kb.se XSS vulnerability
Vulnerable URL: http://z3950.libris.kb.se/hitlist?d=libris=%3cscript%3e+alert%27OPENBUGBOUNTY%27+%3c%2fscript%3e=simp=true=true=1 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 17.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...