CVE-2014-3719: Ex Libris ALEPH 500 review_m.cgi SQL injection

2014-05-15T00:00:00
ID CVE-2014-3719
Type cve
Reporter NVD
Modified 2014-05-15T00:00:00

Description

Ex Libris ALEPH 500 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the review_m.cgi script using the lib parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.