CVE-2024-36058 | Koha Library up to 23.05.9 POST Parameter opac-sendbasket.pl bib_list sql injection

Inserito da Angelo Barbosa | Apr 7, 2026 | CVE

A vulnerability has been found in Koha Library up to 23.05.9 and classified as critical. Affected is an unknown function of the file /cgi-bin/koha/opac-sendbasket.pl of the component POST Parameter Handler. Performing a manipulation of the argument bib_list results in sql injection.

This vulnerability is reported as CVE-2024-36058. The attack is possible to be carried out remotely. No exploit exists.

The affected component should be upgraded.

CVE-2024-36058 | Koha Library up to 23.05.9 POST Parameter opac-sendbasket.pl bib_list sql injection

Post correlati

CVE-2025-25243 | SAP Supplier Relationship Management 7.52 Master Data Management Catalog path traversal

CVE-2025-14749 | Ningyuanda TC155 57.0.2.0 ONVIF PTZ Control Interface /onvif/device_service access control

CVE-2025-0434 | Google Chrome up to 131.0.6778.264 V8 out-of-bounds

CVE-2024-24914 | Check Point ClusterXL R81/R81.10/R81.20 Global Variable improper control of dynamically-identified variables