3 matches found
CVE-2022-24177
CVE-2022-24177 affects Ex Libris ALEPH 500, specifically the cgi-bin/ej.cgi component in versions v18.1 and v20, where a cross-site scripting (XSS) vulnerability allows attackers to execute arbitrary web scripts or HTML. The available connected documents confirm the affected product and the vulne...
CVE-2014-3719
CVE-2014-3719 describes multiple SQL injection vulnerabilities in the Ex Libris ALEPH 500 system (Integrated Library Management System), affecting versions 18.1 and 20. The flaw resides in the CGI script cgi-bin/review_m.cgi and can be triggered via the find, lib, or sid parameters to cause execu...
CVE-2014-3718
CVE-2014-3718 affects Ex Libris ALEPH 500 (Integrated library management system) where multiple XSS vulnerabilities exist in the CGI script cgi-bin/tag_m.cgi. The affected components are the web interface parameters (1) find, (2) lib, and (3) sid, enabling remote attackers to inject arbitrary web...