Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-30	CVE-2014-3719	SQL Injection vulnerability in Exlibrisgroup Aleph 500 18.1/20.0 Multiple SQL injection vulnerabilities in cgi-bin/review_m.cgi in Ex Libris ALEPH 500 (Integrated library management system) 18.1 and 20 allow remote attackers to execute arbitrary SQL commands via the (1) find, (2) lib, or (3) sid parameter. network low complexity exlibrisgroup CWE-89 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.