← voltar
CVE-2014-1924

CVE-2014-1924

EPSS 2.0%
The MARC framework import/export function (admin/import_export_framework.pl) in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 does not require authentication, which allows remote attackers to conduct SQL injection attacks via unspecified vectors.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11666http://koha-community.org/security-release-february-2014/http://www.openwall.com/lists/oss-security/2014/02/07/10http://www.openwall.com/lists/oss-security/2014/02/10/3