CVEPublished 2022-09-21Modified 2026-05-201 article on news4 live referencesNVD data

CVE-2022-0495Parantezteknoloji · Koha_library_automation

Vulnerability data via NVD (ingested)

CVSS v3.1
9.4
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
EPSS percentile
61
Exploit Prediction Scoring System · top 39% of all CVEs
Description

The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability. This has been fixed in the version 19.05.03.01.

Timeline
Published 2022-09-21
Modified 2026-05-20

External references

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

More intel sources (5)

Known PoCs on GitHub

No public proof-of-concept repositories found for CVE-2022-0495 on GitHub.