160 matches found
CVE-2021-45477
CVE-2021-45477 affects Bordam Information Technologies’ Library Automation System, with the vulnerability rooted in improper handling of parameters in the system prior to version 19.2. This leads to potential collection of data provided by users (confidentiality impact). Multiple connected source...
YORDAM University Library Automation System Security Vulnerability
YORDAM University Library Automation System is a university library automation system from YORDAM. A security vulnerability exists in the YORDAM University Library Automation System prior to version 19.2, which stems from mishandling of the system's parameters and allows the collection of...
PT-2023-12559 · Bordam Information Technologies · Bordam Information Technologies Library Automation System
Name of the Vulnerable Software and Affected Versions: Bordam Information Technologies Library Automation System versions prior to 19.2 Description: The issue is related to improper handling of parameters, allowing data collection as provided by users. Recommendations: For versions prior to 19.2,...
PT-2023-12561 · Unknown · Library Automation System
Name of the Vulnerable Software and Affected Versions: Library Automation System versions prior to 19.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, which allows Stored XSS in the Library Automation System. This can lead to the execution of...
PT-2023-12560 · Bordam Information Technologies · Bordam Information Technologies Library Automation System
Name of the Vulnerable Software and Affected Versions: Bordam Information Technologies Library Automation System versions prior to 19.2 Description: The issue is related to improper handling of parameters, allowing data collection as provided by users. Recommendations: For versions prior to 19.2,...
The vulnerability of the Apex-VUZ education automation system, related to the use of strictly encrypted user data, allows a perpetrator to gain full access to the software environment.
The vulnerability of the Apex-VUZ education automation system is related to the use of strictly encrypted user data. Exploiting this vulnerability could allow a malicious actor to gain full access to the software environment...
Siemens APOGEE/TALON Field Panels Privilege Management Vulnerability
APOGEE PXC Modular and Compact Series Direct Digital Control DDC devices, part of the APOGEE Automation System. TALON TC Modular and Compact Series Direct Digital Control DDC devices, part of the TALON Automation System. Siemens APOGEE/TALON Field Panels contain a privilege management vulnerabili...
PT-2022-6295 · Unknown · Apex-Vuz Automation System
Name of the Vulnerable Software and Affected Versions: Apex-VUZ automation system affected versions not specified Description: The issue is related to the messaging component of the custom file upload module in the Apex-VUZ automation system. It involves the unrestricted upload of dangerous file...
PT-2022-6301 · Unknown · Apex-Vuz Automation System
Name of the Vulnerable Software and Affected Versions: Apex-VUZ automation system affected versions not specified Description: The issue is related to the component responsible for creating new accounts in the Apex-VUZ automation system. It is associated with inadequate control over interaction...
PT-2022-6297 · Апекс-Вуз · Апекс-Вуз
Name of the Vulnerable Software and Affected Versions: Апекс-ВУЗ affected versions not specified Description: The issue is related to the use of hardcoded credentials in the Апекс-ВУЗ education automation system. Exploitation of this issue may allow a remote attacker to gain full access to the...
PT-2022-6293 · Апекс-Вуз · Апекс-Вуз
Name of the Vulnerable Software and Affected Versions: Апекс-ВУЗ affected versions not specified Description: The issue is related to the password reset mechanism in the education automation system, which uses the SHA-1 encryption algorithm with insufficient strength. This could allow a remote...
CVE-2022-2266
University Library Automation System developed by Yordam Bilgi Teknolojileri before version 19.2 has an unauthenticated Reflected XSS vulnerability. This has been fixed in the version 19.2...
Cross site scripting
University Library Automation System developed by Yordam Bilgi Teknolojileri before version 19.2 has an unauthenticated Reflected XSS vulnerability. This has been fixed in the version 19.2...
CVE-2022-2266
CVE-2022-2266 involves the University Library Automation System from Yordam Bilgi Teknolojileri, with versions prior to 19.2 vulnerable to an unauthenticated Reflected XSS vulnerability. The flaw is documented across multiple sources (NVD, CVE lists, and third-party advisories) and is described a...
CVE-2022-2266 Reflected XSS University Library Automation System
University Library Automation System developed by Yordam Bilgi Teknolojileri before version 19.2 has an unauthenticated Reflected XSS vulnerability. This has been fixed in the version 19.2...
PT-2022-15608 · Unknown · University Library Automation System
Name of the Vulnerable Software and Affected Versions: University Library Automation System versions prior to 19.2 Description: The issue is related to an unauthenticated Reflected XSS vulnerability. This vulnerability has been fixed in version 19.2. Recommendations: For versions prior to 19.2,...
YORDAM University Library Automation System Cross-Site Scripting Vulnerability
YORDAM University Library Automation System is a university library automation system from YORDAM. A cross-site scripting vulnerability exists in YORDAM University Library Automation System versions prior to 19.2. An attacker could exploit this vulnerability to conduct cross-site scripting attack...
CVE-2022-0495 SQL Injection in KOHA
The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability. This has been fixed in the version 19.05.03.01...