Skip to main content
Loading…
    CVE-2024-36057 — Koha Library before 23.05.10 fails to sanitize user-controllable filenames prior to unzipping, leading to remote code execution. The line "qx/unzip $filename -d $dirname/;" in upload-cover-ima — CVE Database · The Intelligence Room