3 matches found
CVE-2024-8409
Summary: CVE-2024-8409 affects ABCD2 up to 2.2.0-beta-1. The issue is in the /common/show_image.php handling of the image parameter, enabling path traversal via ../filedir. The vulnerability can be triggered remotely and an exploit has been disclosed publicly. Multiple connected sources corrobora...
CVE-2024-8410
CVE-2024-8410 affects ABCD ABCD2 up to 2.2.0-beta-1. The vulnerability is in the file /abcd/opac/php/otros_sitios.php where manipulating the parameter sitio enables a path traversal. It can be exploited remotely and the exploit has been disclosed publicly. Connected documents confirm the affected...
CVE-2024-8411
CVE-2024-8411 affects ABCD2 up to 2.2.0-beta-1. The vulnerability is a cross-site scripting flaw in the file /buscar_integrada.php caused by manipulation of the Sub_Expresion parameter. Exploitation is remote and publicly disclosed. Connected sources corroborate the issue but provide limited tech...