Vulnerabilities > Exlibrisgroup > Aleph 500 > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-01-30 CVE-2014-3719 SQL Injection vulnerability in Exlibrisgroup Aleph 500 18.1/20.0
Multiple SQL injection vulnerabilities in cgi-bin/review_m.cgi in Ex Libris ALEPH 500 (Integrated library management system) 18.1 and 20 allow remote attackers to execute arbitrary SQL commands via the (1) find, (2) lib, or (3) sid parameter.
network
low complexity
exlibrisgroup CWE-89
critical
 9.8
9.8