CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A cross-site scripting XSS vulnerability in the component cgi-bin/ej.cgi of Ex libris ALEPH 500 v18.1 and v20 allows attackers to execute arbitrary web scripts or HTML...

6.1CVSS6AI score0.0024EPSS

Exploits1References1

CNVD•added 2022/03/14 12:0 a.m.•14 views

Ex libris ALEPH 500 Cross-Site Scripting Vulnerability

Ex libris ALEPH 500 is an integrated library system from the Israeli company Ex libris. ex libris ALEPH 500 v18.1 and v20 versions are vulnerable to a cross-site scripting vulnerability that stems from the program's lack of data validation filtering of user-supplied data and output. An attacker...

6.1CVSS2.4AI score0.0024EPSS

Exploits1References1

OSV•added 2022/03/10 5:45 p.m.•0 views

CVE-2022-24177

A cross-site scripting XSS vulnerability in the component cgi-bin/ej.cgi of Ex libris ALEPH 500 v18.1 and v20 allows attackers to execute arbitrary web scripts or HTML...

6.1CVSS6.5AI score

Exploits0References1

ATTACKERKB•added 2022/03/10 5:45 p.m.•2 views

CVE-2022-24177

A cross-site scripting XSS vulnerability in the component cgi-bin/ej.cgi of Ex libris ALEPH 500 v18.1 and v20 allows attackers to execute arbitrary web scripts or HTML...

6.1CVSS6.4AI score0.0024EPSS

Exploits1References2

NVD•added 2022/03/10 5:45 p.m.•6 views

CVE-2022-24177

A cross-site scripting XSS vulnerability in the component cgi-bin/ej.cgi of Ex libris ALEPH 500 v18.1 and v20 allows attackers to execute arbitrary web scripts or HTML...

6.1CVSS0.0024EPSS

Exploits1References1

Prion•added 2022/03/10 5:45 p.m.•5 views

Cross site scripting

A cross-site scripting XSS vulnerability in the component cgi-bin/ej.cgi of Ex libris ALEPH 500 v18.1 and v20 allows attackers to execute arbitrary web scripts or HTML...

4.3CVSS6AI score0.0024EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/03/07 7:44 p.m.•8 views

CVE-2022-24177

A cross-site scripting XSS vulnerability in the component cgi-bin/ej.cgi of Ex libris ALEPH 500 v18.1 and v20 allows attackers to execute arbitrary web scripts or HTML...

6.1AI score0.0024EPSS

Exploits1References1

CVE•added 2022/03/07 7:44 p.m.•74 views

CVE-2022-24177

CVE-2022-24177 affects Ex Libris ALEPH 500, specifically the cgi-bin/ej.cgi component in versions v18.1 and v20, where a cross-site scripting (XSS) vulnerability allows attackers to execute arbitrary web scripts or HTML. The available connected documents confirm the affected product and the vulne...

6.1CVSS6AI score0.0024EPSS

Exploits1References1Affected Software1

NVD•added 2020/01/30 8:15 p.m.•7 views

CVE-2014-3719

Multiple SQL injection vulnerabilities in cgi-bin/reviewm.cgi in Ex Libris ALEPH 500 Integrated library management system 18.1 and 20 allow remote attackers to execute arbitrary SQL commands via the 1 find, 2 lib, or 3 sid parameter...

9.8CVSS10AI score0.01237EPSS

Exploits2References2

NVD•added 2020/01/30 8:15 p.m.•9 views

CVE-2014-3718

Multiple cross-site scripting XSS vulnerabilities in cgi-bin/tagm.cgi in Ex Libris ALEPH 500 Integrated library management system 18.1 and 20 allow remote attackers to inject arbitrary web script or HTML via the 1 find, 2 lib, or 3 sid parameter...

6.1CVSS6.1AI score0.00366EPSS

Exploits2References2

Prion•added 2020/01/30 8:15 p.m.•11 views

Sql injection

7.5CVSS9.2AI score0.01237EPSS

Exploits2References2Affected Software1

Prion•added 2020/01/30 8:15 p.m.•12 views

Cross site scripting

4.3CVSS6.1AI score0.00366EPSS

Exploits2References2Affected Software1

Cvelist•added 2020/01/30 7:3 p.m.•10 views

CVE-2014-3719

10AI score0.01237EPSS

Exploits2References2

CVE•added 2020/01/30 7:3 p.m.•64 views

CVE-2014-3719

CVE-2014-3719 describes multiple SQL injection vulnerabilities in the Ex Libris ALEPH 500 system (Integrated Library Management System), affecting versions 18.1 and 20. The flaw resides in the CGI script cgi-bin/review_m.cgi and can be triggered via the find, lib, or sid parameters to cause execu...

9.8CVSS10AI score0.01237EPSS

Exploits2References2Affected Software1

Cvelist•added 2020/01/30 7:3 p.m.•13 views

CVE-2014-3718

6.1AI score0.00366EPSS

Exploits2References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by