24 matches found
PT-2024-21120 · Open Library Foundation · Vufind
Name of the Vulnerable Software and Affected Versions: Open Library Foundation VuFind versions 2.0 through 9.1 before 9.1.1 Description: A Server-Side Request Forgery SSRF vulnerability in the "/Upgrade/FixConfig" route allows a remote attacker to overwrite local configuration files to gain acces...
vufind.carli.illinois.edu XSS vulnerability
Vulnerable URL: https://vufind.carli.illinois.edu/vf-iwu/Search/Home?lookfor="';--over=1 Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 21:26 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...
VuFind 1.0 Cross Site Scripting
VuFind 1.0 Web Application Reflected XSS Cross-site Scripting 0-Day Bug Security Issue Exploit Title: VuFind Results? &lookfor parameter Reflected XSS Web Security Vulnerability Product: VuFind Vendor: VuFind Vulnerable Versions: 1.0 Tested Version: 1.0 Advisory Publication: September 20, 2015...
vufind.library.cmu.edu XSS vulnerability
Open Bug Bounty ID: OBB-63879 Description| Value ---|--- Affected Website:| vufind.library.cmu.edu Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...