Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:i-librarian:i\,_librarian:3.3:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-1000124 |
I Librarian I-librarian version 4.8 and earlier contains a XML External Entity (XXE) vulnerability in line 154 of importmetadata.php(simplexml_load_string) that can result in an attacker reading the contents of a file and SSRF. This attack appear to be exploitable via posting xml in the Parameter form_import_textarea. Published: March 13, 2018; 5:29:00 PM -0400 |
V3.0: 10.0 CRITICAL V2.0: 7.5 HIGH |