Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The MARC framework import/export function (admin/import_export_framework.pl) in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 does not require authentication, which allows remote attackers to conduct SQL injection attacks via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Koha SQL注入漏洞
Vulnerability Description
Koha是Koha组织的一个用于图书馆自动化管理建站系统。 Koha中的admin/import_export_framework.pl文件存在SQL注入漏洞。远程攻击者可借助特制HTTP请求利用该漏洞在系统上执行任意PHP代码。以下产品及版本受到影响:Koha 3.8.23之前版本,3.10.13之前的3.10.x版本、3.12.10之前的3.12.x版本,3.14.3之前的3.14.x版本。
CVSS Information
N/A
Vulnerability Type
N/A