Exlibrisgroup » Aleph 500 : Security Vulnerabilities, CVEs,

CVE-2022-24177

A cross-site scripting (XSS) vulnerability in the component cgi-bin/ej.cgi of Ex libris ALEPH 500 v18.1 and v20 allows attackers to execute arbitrary web scripts or HTML.
Max CVSS
6.1
EPSS Score
0.08%
Published
2022-03-10
Updated
2022-03-16

CVE-2014-3719

Multiple SQL injection vulnerabilities in cgi-bin/review_m.cgi in Ex Libris ALEPH 500 (Integrated library management system) 18.1 and 20 allow remote attackers to execute arbitrary SQL commands via the (1) find, (2) lib, or (3) sid parameter.
Max CVSS
9.8
EPSS Score
0.29%
Published
2020-01-30
Updated
2020-02-05

CVE-2014-3718

Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/tag_m.cgi in Ex Libris ALEPH 500 (Integrated library management system) 18.1 and 20 allow remote attackers to inject arbitrary web script or HTML via the (1) find, (2) lib, or (3) sid parameter.
Max CVSS
6.1
EPSS Score
0.54%
Published
2020-01-30
Updated
2020-02-03
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close