Vulnerabilities > I Librarian > I Librarian > 4.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-31 | CVE-2022-47854 | Unrestricted Upload of File with Dangerous Type vulnerability in I-Librarian 4.10 i-librarian 4.10 is vulnerable to Arbitrary file upload in ajaxsupplement.php. | 9.8 |
| 2019-04-22 | CVE-2019-11449 | Cross-site Scripting vulnerability in I-Librarian I, Librarian 4.10 I, Librarian 4.10 has XSS via the notes.php notes parameter. | 4.3 |
| 2019-04-22 | CVE-2019-11428 | Cross-site Scripting vulnerability in I-Librarian I, Librarian 4.10 I, Librarian 4.10 has XSS via the export.php export_files parameter. | 4.3 |
| 2019-04-20 | CVE-2019-11359 | Cross-site Scripting vulnerability in I-Librarian I, Librarian 4.10 Cross-site scripting (XSS) vulnerability in display.php in I, Librarian 4.10 allows remote attackers to inject arbitrary web script or HTML via the project parameter. | 4.3 |