Library Management System Security Vulnerabilities


CVE-2023-7109

A vulnerability classified as critical was found in code-projects Library Management System 2.0. This vulnerability affects unknown code of the file /admin/login.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been...

7.3 CVSS

7.6 AI Score

0.0004 EPSS

2024-02-29 01:42 AM

CVE-2023-7110

A vulnerability, which was classified as critical, has been found in code-projects Library Management System 2.0. This issue affects some unknown processing of the file login.php. The manipulation of the argument student leads to sql injection. The attack may be initiated remotely. The exploit has....

7.3 CVSS

7.5 AI Score

0.0004 EPSS

2024-02-29 01:42 AM

CVE-2023-7111

A vulnerability, which was classified as critical, was found in code-projects Library Management System 2.0. Affected is an unknown function of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8 CVSS

9.7 AI Score

0.001 EPSS

2023-12-26 03:15 AM

CVE-2023-48813

Senayan Library Management Systems (Slims) 9 Bulian v9.6.1 is vulnerable to SQL Injection via...

8.8 CVSS

9 AI Score

0.001 EPSS

2023-12-01 04:15 PM

CVE-2023-48893

SLiMS (aka SENAYAN Library Management System) through 9.6.1 allows admin/modules/reporting/customs/staff_act.php SQL Injection via startDate or...

8.8 CVSS

9.2 AI Score

0.001 EPSS

2023-12-01 04:15 PM

CVE-2023-45996

SQL injection vulnerability in Senayan Library Management Systems Slims v.9 and Bulian v.9.6.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted script to the reborrowLimit parameter in the...

8.8 CVSS

8.7 AI Score

0.001 EPSS

2023-10-31 06:15 AM

CVE-2023-3744

Server-Side Request Forgery vulnerability in SLims version 9.6.0. This vulnerability could allow an authenticated attacker to send requests to internal services or upload the contents of relevant files via the "scrape_image.php" file in the imageURL...

9.9 CVSS

8.5 AI Score

0.001 EPSS

2023-10-02 02:15 PM

CVE-2023-40970

Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is vulnerable to SQL Injection via...

8.8 CVSS

9 AI Score

0.001 EPSS

2023-09-01 11:15 AM

CVE-2023-40969

Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable to Server Side Request Forgery (SSRF) via...

6.1 CVSS

6.2 AI Score

0.0005 EPSS

2023-09-01 11:15 AM

CVE-2023-29850

SENAYAN Library Management System (SLiMS) Bulian v9.5.2 does not strip exif data from uploaded images. This allows attackers to obtain information such as the user's geolocation and device...

7.5 CVSS

7.3 AI Score

0.001 EPSS

2023-04-14 02:15 PM

CVE-2022-45019

SLiMS 9 Bulian v9.5.0 was discovered to contain a SQL injection vulnerability via the keywords...

7.5 CVSS

7.8 AI Score

0.002 EPSS

2022-12-05 11:15 PM

CVE-2022-43362

Senayan Library Management System v9.4.2 was discovered to contain a SQL injection vulnerability via the collType parameter at...

7.2 CVSS

7.2 AI Score

0.001 EPSS

2022-11-01 07:15 PM

CVE-2022-43361

Senayan Library Management System v9.4.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the component...

4.8 CVSS

4.9 AI Score

0.001 EPSS

2022-11-01 07:15 PM

CVE-2017-12584

There is no CSRF mitigation in SLiMS 8 Akasia through 8.3.1. Also, an entire user profile (including the password) can be updated without sending the current password. This allows remote attackers to trick a user into changing to an attacker-controlled password, a complete account takeover, via...

8.8 CVSS

8.6 AI Score

0.002 EPSS

2022-10-03 04:23 PM

CVE-2022-38291

SLiMS Senayan Library Management System v9.4.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Search function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search...

6.1 CVSS

5.9 AI Score

0.001 EPSS

2022-09-12 09:15 PM

CVE-2022-38292

SLiMS Senayan Library Management System v9.4.2 was discovered to contain multiple Server-Side Request Forgeries via the components /bibliography/marcsru.php and...

9.8 CVSS

9.5 AI Score

0.002 EPSS

2022-09-12 09:15 PM

CVE-2022-37794

In Library Management System 1.0 the /card/in-card.php file id_no parameters are vulnerable to SQL...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-09-12 12:15 AM

CVE-2022-36732

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-30 09:15 PM

CVE-2022-36735

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-30 09:15 PM

CVE-2022-36657

Library Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component...

4.8 CVSS

5 AI Score

0.001 EPSS

2022-08-30 09:15 PM

CVE-2022-36730

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-30 09:15 PM

CVE-2022-36731

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the RollNo parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-30 09:15 PM

CVE-2022-36734

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the RollNo parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-30 09:15 PM

CVE-2022-36733

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the M_Id parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-30 09:15 PM

CVE-2022-36712

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-30 12:15 AM

CVE-2022-36709

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-30 12:15 AM

CVE-2022-36711

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-30 12:15 AM

CVE-2022-36714

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Section parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-30 12:15 AM

CVE-2022-36713

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Section parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-30 12:15 AM

CVE-2022-36708

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Id parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-28 11:15 PM

CVE-2022-36704

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Id parameter at...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-08-28 11:15 PM

CVE-2022-36721

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Textbook parameter at...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-08-25 10:15 PM

CVE-2022-36716

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-25 10:15 PM

CVE-2022-36715

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-25 10:15 PM

CVE-2022-36719

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the ok parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-25 10:15 PM

CVE-2022-36720

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-08-25 10:15 PM

CVE-2022-36725

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the M_Id parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-18 08:15 PM

CVE-2022-36728

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the RollNo parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-18 08:15 PM

CVE-2022-36722

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the title parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-18 08:15 PM

CVE-2022-36727

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-18 08:15 PM

CVE-2022-36729

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the M_Id parameter at...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2022-08-18 08:15 PM

CVE-2022-2774

A vulnerability was found in SourceCodester Library Management System. It has been declared as critical. This vulnerability affects unknown code of the file librarian/student.php. The manipulation of the argument title leads to sql injection. The attack can be initiated remotely. VDB-206170 is the....

9.8 CVSS

9.7 AI Score

0.001 EPSS

2022-08-11 12:15 PM

CVE-2022-2768

A vulnerability classified as problematic was found in SourceCodester Library Management System. This vulnerability affects unknown code of the file /qr/I/. The manipulation of the argument error leads to cross site scripting. The attack can be initiated remotely. The identifier of this...

6.1 CVSS

6.1 AI Score

0.001 EPSS

2022-08-11 12:15 PM

CVE-2022-2492

A vulnerability was found in SourceCodester Library Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php. The manipulation of the argument RollNo with the input admin' AND (SELECT 2625 FROM (SELECT(SLEEP(5)))MdIL) AND...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-07-20 12:15 PM

CVE-2022-2491

A vulnerability has been found in SourceCodester Library Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file lab.php. The manipulation of the argument Section with the input 1' UNION ALL SELECT...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2022-07-20 12:15 PM

CVE-2022-2214

A vulnerability was found in SourceCodester Library Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /librarian/bookdetails.php. The manipulation of the argument id with the input ' AND (SELECT 9198 FROM...

8.8 CVSS

8.8 AI Score

0.005 EPSS

2022-06-27 07:15 AM

CVE-2022-2213

A vulnerability was found in SourceCodester Library Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/edit_admin_details.php?id=admin. The manipulation of the argument Name leads to cross site scripting. The...

5.4 CVSS

5.2 AI Score

0.001 EPSS

2022-06-27 07:15 AM

CVE-2022-2212

A vulnerability was found in SourceCodester Library Management System 1.0. It has been classified as critical. Affected is an unknown function of the component /card/index.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The...

8.8 CVSS

8.7 AI Score

0.002 EPSS

2022-06-27 07:15 AM

CVE-2021-45794

Slims9 Bulian 9.4.2 is affected by SQL injection in /admin/modules/system/backup.php. User data can be...

7.5 CVSS

7.9 AI Score

0.002 EPSS

2022-03-17 12:15 PM

CVE-2021-45793

Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be...

7.5 CVSS

7.9 AI Score

0.002 EPSS

2022-03-17 12:15 PM
Total number of security vulnerabilities: 65