← volver
CVE-2014-1924

CVE-2014-1924

EPSS 2.0%
The MARC framework import/export function (admin/import_export_framework.pl) in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 does not require authentication, which allows remote attackers to conduct SQL injection attacks via unspecified vectors.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11666http://koha-community.org/security-release-february-2014/http://www.openwall.com/lists/oss-security/2014/02/07/10http://www.openwall.com/lists/oss-security/2014/02/10/3