Multiple SQL injection vulnerabilities in Keystone Digital Library Suite (DLS) 1.5.4 and earlier allow remote attackers to execute arbitrary SQL commands via the subject_type_id parameter in (1) the index page and (2) the search module.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Keystone_digital_library_suite | Index_data_aps | * | 1.5.4 (including) |