Vulnerabilities > I Librarian > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-31 | CVE-2022-47854 | Unrestricted Upload of File with Dangerous Type vulnerability in I-Librarian 4.10 i-librarian 4.10 is vulnerable to Arbitrary file upload in ajaxsupplement.php. | 9.8 |
| 2017-11-17 | CVE-2017-1000235 | OS Command Injection vulnerability in I-Librarian I Librarian I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php resulting the web server being fully compromised. | 10.0 |