Vendor
Opac Project
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- 2 CVEs
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-48310 | Hig | 0.49 | 7.5 | 0.01 | Jan 28, 2025 | AutoLib Software Systems OPAC v20.10 was discovered to have multiple API keys exposed within the source code. Attackers may use these keys to access the backend API or other sensitive information. | ||
| CVE-2015-3343 | 0.00 | — | 0.01 | Apr 21, 2015 | Cross-site request forgery (CSRF) vulnerability in the OPAC module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims for requests that remove a mapping via unknown vectors. |
- risk 0.49cvss 7.5epss 0.01
AutoLib Software Systems OPAC v20.10 was discovered to have multiple API keys exposed within the source code. Attackers may use these keys to access the backend API or other sensitive information.
- CVE-2015-3343Apr 21, 2015risk 0.00cvss —epss 0.01
Cross-site request forgery (CSRF) vulnerability in the OPAC module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims for requests that remove a mapping via unknown vectors.