VYPR
Vendor

Koha Library Management System

Products
2
CVEs
3
Across products
3
Status
Private

Products

2

Recent CVEs

3
  • CVE-2025-57119CriSep 16, 2025
    risk 0.64cvss 9.8epss 0.01

    An issue in Online Library Management System v.3.0 allows an attacker to escalate privileges via the adminlogin.php component and the Login function

  • CVE-2025-52360HigJul 25, 2025
    risk 0.57cvss 8.8epss 0.00

    A Cross-Site Scripting (XSS) vulnerability exists in the OPAC search feature of Koha Library Management System v24.05. Unsanitized input entered in the search field is reflected in the search history interface, leading to the execution of arbitrary JavaScript in the browser…

  • CVE-2024-24336HigMar 19, 2024
    risk 0.53cvss 8.1epss 0.00

    A multiple Cross-site scripting (XSS) vulnerability in the '/members/moremember.pl', and ‘/members/members-home.pl’ endpoints within Koha Library Management System version 23.05.05 and earlier allows malicious staff users to carry out CSRF attacks, including unauthorized…