Lucene search
K

43 matches found

CVE
CVE
added 2020/01/30 7:3 p.m.63 views

CVE-2014-3718

CVE-2014-3718 affects Ex Libris ALEPH 500 (Integrated library management system) where multiple XSS vulnerabilities exist in the CGI script cgi-bin/tag_m.cgi. The affected components are the web interface parameters (1) find, (2) lib, and (3) sid, enabling remote attackers to inject arbitrary web...

6.1CVSS6AI score0.00968EPSS
Exploits2References2Affected Software1
Openbugbounty
Openbugbounty
added 2017/09/15 2:19 p.m.9 views

z3950.libris.kb.se XSS vulnerability

Vulnerable URL: http://z3950.libris.kb.se/hitlist?d=libris=%3cscript%3e+alert%27OPENBUGBOUNTY%27+%3c%2fscript%3e=simp=true=true=1 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 17.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...

6.3AI score
Exploits0
NVD
NVD
added 2015/01/02 8:59 p.m.25 views

CVE-2014-7294

Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter...

5.8CVSS6.7AI score0.02036EPSS
Exploits1References3
Prion
Prion
added 2015/01/02 8:59 p.m.13 views

Open redirect

Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter...

5.8CVSS7.1AI score0.02036EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2015/01/02 8:59 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to inject arbitrary web script or HTML via the url parameter...

4.3CVSS6.2AI score0.00931EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2015/01/02 8:59 p.m.14 views

CVE-2014-7293

Cross-site scripting XSS vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to inject arbitrary web script or HTML via the url parameter...

4.3CVSS5.8AI score0.00931EPSS
Exploits1References2
CVE
CVE
added 2015/01/02 8:0 p.m.38 views

CVE-2014-7294

CVE-2014-7294 is an open redirect vulnerability in the logon page of Ex Libris Patron Directory Services (PDS) OpenSSO Integration 2.1 and earlier . The root cause is improper redirect handling in the login flow, allowing remote attackers to craft a URL with a redirect target in the url parameter...

5.8CVSS6.9AI score0.02036EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2015/01/02 8:0 p.m.27 views

CVE-2014-7294

Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter...

6.7AI score0.02036EPSS
Exploits1References3
CVE
CVE
added 2015/01/02 8:0 p.m.39 views

CVE-2014-7293

CVE-2014-7293 describes a cross-site scripting (XSS) vulnerability on the login page of NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services (PDS). The issue allows remote attackers to inject arbitrary web script or HTML via the url parameter. According to the record, t...

4.3CVSS5.9AI score0.00931EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2015/01/02 8:0 p.m.20 views

CVE-2014-7293

Cross-site scripting XSS vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to inject arbitrary web script or HTML via the url parameter...

5.8AI score0.00931EPSS
Exploits1References2
CNVD
CNVD
added 2014/12/31 12:0 a.m.1 views

Ex Libris Patron Directory Services Cross-Site Scripting Vulnerability

Ex Libris is a global provider of library automation technology. A cross-site scripting vulnerability exists in Ex Libris Patron Directory Services due to the program failing to properly filter user-supplied input. An attacker could exploit this vulnerability to execute arbitrary script code or...

4.3CVSS6.8AI score0.00931EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2014/12/29 12:0 a.m.46 views

Ex Libris Patron Directory Services 2.1 Cross Site Scripting

CVE-2014-7293 Ex Libris Patron Directory Services PDS XSS Cross-Site Scripting Security Vulnerability Exploit Title: Ex Libris Patron Directory Services PDS Logon Page url Parameter XSS Product: Ex Libris Patron Directory Services PDS Vendor: Ex Libris Vulnerable Versions: 2.1 and probability pri...

4.3CVSS0.00931EPSS
Exploits1
Packet Storm
Packet Storm
added 2014/12/29 12:0 a.m.47 views

Ex Libris Patron Directory Services 2.1 Open Redirect

CVE-2014-7294 Ex Libris Patron Directory Services PDS Open Redirect Security Vulnerability Exploit Title: Ex Libris Patron Directory Services PDS Logon Page url Parameter Open Redirect Product: Ex Libris Patron Directory Services PDS Vendor: Ex Libris Vulnerable Versions: 2.1 and probability prio...

5.8CVSS6.8AI score0.02036EPSS
Exploits1
Packet Storm
Packet Storm
added 2014/05/16 12:0 a.m.61 views

Aleph 500 SQL Injection

Greetings: I found on a ALEPH500 Integrated library management system SQL Injection Vulnerabilityï¼›CVE-ID is CVE-2014-3719. Aleph 500, fully meet the industry standard, is an art class perfect librarysolution, the Ex Libris to pursue the essence of philosophy is flexible and easy to use. Ex Libr...

7.1CVSS9.7AI score0.0199EPSS
Exploits2
Packet Storm
Packet Storm
added 2014/05/15 12:0 a.m.66 views

Aleph 500 Cross Site Scripting

Greetings: a ALEPH500 Integrated library management system Cross Site Scripting£»CVE-ID is CVE-2014-3718. Aleph 500, fully meet the industry standard, is an art class perfect librarysolution, the Ex Libris to pursue the essence of philosophy is flexible and easy to use. Ex Libris is the world...

6.4AI score0.00968EPSS
Exploits2
NVD
NVD
added 2007/07/17 10:30 p.m.16 views

CVE-2007-3834

Multiple cross-site scripting XSS vulnerabilities in Ex Libris ALEPH allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a URL that can be discovered through a keyword search. NOTE: this may be related to the MetaLib XSS issue, CVE-2007-3835...

4.3CVSS5.3AI score0.01307EPSS
Exploits0References5
NVD
NVD
added 2007/07/17 10:30 p.m.16 views

CVE-2007-3835

Cross-site scripting XSS vulnerability in Ex Libris MetaLib 3.13 and 4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a resource id that can be discovered through a search...

2.6CVSS5.6AI score0.01307EPSS
Exploits0References8
Prion
Prion
added 2007/07/17 10:30 p.m.14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Ex Libris ALEPH allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a URL that can be discovered through a keyword search. NOTE: this may be related to the MetaLib XSS issue, CVE-2007-3835...

4.3CVSS5.3AI score0.01307EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2007/07/17 10:30 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in Ex Libris MetaLib 3.13 and 4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a resource id that can be discovered through a search...

2.6CVSS5.9AI score0.01307EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2007/07/17 10:0 p.m.18 views

CVE-2007-3834

Multiple cross-site scripting XSS vulnerabilities in Ex Libris ALEPH allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a URL that can be discovered through a keyword search. NOTE: this may be related to the MetaLib XSS issue, CVE-2007-3835...

5.3AI score0.01307EPSS
Exploits0References5
Rows per page
Query Builder