43 matches found
CVE-2014-3718
CVE-2014-3718 affects Ex Libris ALEPH 500 (Integrated library management system) where multiple XSS vulnerabilities exist in the CGI script cgi-bin/tag_m.cgi. The affected components are the web interface parameters (1) find, (2) lib, and (3) sid, enabling remote attackers to inject arbitrary web...
z3950.libris.kb.se XSS vulnerability
Vulnerable URL: http://z3950.libris.kb.se/hitlist?d=libris=%3cscript%3e+alert%27OPENBUGBOUNTY%27+%3c%2fscript%3e=simp=true=true=1 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 17.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...
CVE-2014-7294
Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter...
Open redirect
Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to inject arbitrary web script or HTML via the url parameter...
CVE-2014-7293
Cross-site scripting XSS vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to inject arbitrary web script or HTML via the url parameter...
CVE-2014-7294
CVE-2014-7294 is an open redirect vulnerability in the logon page of Ex Libris Patron Directory Services (PDS) OpenSSO Integration 2.1 and earlier . The root cause is improper redirect handling in the login flow, allowing remote attackers to craft a URL with a redirect target in the url parameter...
CVE-2014-7294
Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter...
CVE-2014-7293
CVE-2014-7293 describes a cross-site scripting (XSS) vulnerability on the login page of NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services (PDS). The issue allows remote attackers to inject arbitrary web script or HTML via the url parameter. According to the record, t...
CVE-2014-7293
Cross-site scripting XSS vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to inject arbitrary web script or HTML via the url parameter...
Ex Libris Patron Directory Services Cross-Site Scripting Vulnerability
Ex Libris is a global provider of library automation technology. A cross-site scripting vulnerability exists in Ex Libris Patron Directory Services due to the program failing to properly filter user-supplied input. An attacker could exploit this vulnerability to execute arbitrary script code or...
Ex Libris Patron Directory Services 2.1 Cross Site Scripting
CVE-2014-7293 Ex Libris Patron Directory Services PDS XSS Cross-Site Scripting Security Vulnerability Exploit Title: Ex Libris Patron Directory Services PDS Logon Page url Parameter XSS Product: Ex Libris Patron Directory Services PDS Vendor: Ex Libris Vulnerable Versions: 2.1 and probability pri...
Ex Libris Patron Directory Services 2.1 Open Redirect
CVE-2014-7294 Ex Libris Patron Directory Services PDS Open Redirect Security Vulnerability Exploit Title: Ex Libris Patron Directory Services PDS Logon Page url Parameter Open Redirect Product: Ex Libris Patron Directory Services PDS Vendor: Ex Libris Vulnerable Versions: 2.1 and probability prio...
Aleph 500 SQL Injection
Greetings: I found on a ALEPH500 Integrated library management system SQL Injection Vulnerabilityï¼›CVE-ID is CVE-2014-3719. Aleph 500, fully meet the industry standard, is an art class perfect librarysolution, the Ex Libris to pursue the essence of philosophy is flexible and easy to use. Ex Libr...
Aleph 500 Cross Site Scripting
Greetings: a ALEPH500 Integrated library management system Cross Site Scripting£»CVE-ID is CVE-2014-3718. Aleph 500, fully meet the industry standard, is an art class perfect librarysolution, the Ex Libris to pursue the essence of philosophy is flexible and easy to use. Ex Libris is the world...
CVE-2007-3834
Multiple cross-site scripting XSS vulnerabilities in Ex Libris ALEPH allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a URL that can be discovered through a keyword search. NOTE: this may be related to the MetaLib XSS issue, CVE-2007-3835...
CVE-2007-3835
Cross-site scripting XSS vulnerability in Ex Libris MetaLib 3.13 and 4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a resource id that can be discovered through a search...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Ex Libris ALEPH allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a URL that can be discovered through a keyword search. NOTE: this may be related to the MetaLib XSS issue, CVE-2007-3835...
Cross site scripting
Cross-site scripting XSS vulnerability in Ex Libris MetaLib 3.13 and 4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a resource id that can be discovered through a search...
CVE-2007-3834
Multiple cross-site scripting XSS vulnerabilities in Ex Libris ALEPH allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a URL that can be discovered through a keyword search. NOTE: this may be related to the MetaLib XSS issue, CVE-2007-3835...