CVE-2015-4633
Severity: CRITICAL
Koha < 3.14.16 - SQL Injection
Multiple SQL injection vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow (1) remote attackers to execute arbitrary SQL commands via the number parameter to opac-tags_subject.pl in the OPAC interface or (2) remote authenticated users to execute arbitrary SQL commands via the Filter or (3) Criteria parameter to reports/borrowers_out.pl in the Staff interface.
Exploits (1)
exploitdb
WRITEUP
by Raschin Tavakoli, Bernhard Garn, Peter Aufner & Dimitris Simos · text, webapps, php
https://www.exploit-db.com/exploits/37387
References (10)
Scores
CVSS v3
9.8
EPSS
0.0388
EPSS Percentile
88.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-89
Status
published
Products (1)
koha/koha
3.14.00 - 3.14.16
Published
Oct 18, 2018
Tracked Since
Feb 18, 2026