Security for everyone

CVE-2018-16139 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in BIBLIOsoft BIBLIOpac affects v. 2008.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one


Parent Category

CVE-2018-16139 Scanner Detail

BIBLIOsoft BIBLIOpac 2008 is a web-based integrated library system (ILS) that is used by libraries across the world. It is designed to manage library collections, automate library functions, and help librarians provide better service to their patrons. BIBLIOpac is an essential tool for libraries of all sizes and types, providing them with a comprehensive suite of features for managing their collections.

One of the most significant vulnerabilities detected in BIBLIOsoft BIBLIOpac 2008 is CVE-2018-16139. This vulnerability allows remote attackers to inject arbitrary web scripts or HTML via the db or action parameter to bin/wxis.exe/bibliopac/. This means that an attacker can manipulate library data or steal sensitive information, such as user names and passwords, from the system. This vulnerability is dangerous as it allows an attacker to execute arbitrary code on the system, potentially leading to a complete compromise of data.

If exploited, this vulnerability can lead to disastrous consequences, such as unauthorized access to sensitive information, data loss, and system downtime. As the vulnerability can be exploited remotely, it poses an imminent threat to library systems globally. Hackers can use this vulnerability to launch more significant and complex attacks on the system, leading to comprehensive data breaches.

In conclusion, BIBLIOsoft BIBLIOpac 2008 is an essential tool for libraries worldwide. However, it is not invulnerable, and like any other digital tool, it needs to be monitored regularly for vulnerabilities. The CVE-2018-16139 vulnerability can result in severe consequences if exploited, and users must take precautions to prevent it. By using the pro features of the platform, users can learn about vulnerabilities in their digital assets quickly and efficiently, allowing them to protect their systems better.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture