mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
1.0 KiB
1.0 KiB
CVE-2025-30076
&color=brightgreen)
Description
Koha before 24.11.02 allows admins to execute arbitrary commands via shell metacharacters in the tools/scheduler.pl report parameter.
POC
Reference
- https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39170
- https://github.com/gl0wyy/koha-task-scheduler-rce