Vulnerabilities > Koha Community

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-11	CVE-2023-44961	SQL Injection vulnerability in Koha-Community Koha Library Software SQL Injection vulnerability in Koha Library Software 23.0.5.04 and before allows a remote attacker to obtain sensitive information via the intranet/cgi bin/cataloging/ysearch.pl. network low complexity koha-community CWE-89	7.5
2023-10-11	CVE-2023-44962	Unrestricted Upload of File with Dangerous Type vulnerability in Koha-Community Koha Library Software File Upload vulnerability in Koha Library Software 23.05.04 and before allows a remote attacker to read arbitrary files via the upload-cover-image.pl component. network low complexity koha-community CWE-434	5.3

Vulnerabilities > Koha Community {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Koha Community"}]}