Server-Side Request Forgery vulnerability in SLiMS version 9.6.0. This vulnerability could allow an authenticated attacker to send requests to internal services or upload the contents of relevant files via the "scrape_image.php" file in the imageURL...
CVSS: 9.9, AI Score: 8.5, EPSS: 0.001
SLiMS v9.5.2 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component...
CVSS: 6.1, AI Score: 6, EPSS: 0.001
SLiMS 8 Akasia 8.3.1 allows remote attackers to bypass the CSRF protection mechanism and obtain admin access by omitting the csrf_token...
CVSS: 8.8, AI Score: 8.7, EPSS: 0.002
Reflected Cross-Site Scripting (XSS) exists in the Bibliography module in SLiMS 8 Akasia 8.3.1 via an admin/modules/bibliography/index.php?keywords=...
CVSS: 6.1, AI Score: 6, EPSS: 0.001
Reflected Cross-Site Scripting (XSS) exists in the Membership module in SLiMS 8 Akasia 8.3.1 via an admin/modules/membership/index.php?keywords=...
CVSS: 6.1, AI Score: 6, EPSS: 0.001
Reflected Cross-Site Scripting (XSS) exists in the Stock Take module in SLiMS 8 Akasia 8.3.1 via an admin/modules/stock_take/index.php?keywords=...
CVSS: 6.1, AI Score: 6, EPSS: 0.001
Reflected Cross-Site Scripting (XSS) exists in the Circulation module in SLiMS 8 Akasia 8.3.1 via an admin/modules/circulation/loan_rules.php?keywords= URI, a related issue to...
CVSS: 6.1, AI Score: 6, EPSS: 0.001
Reflected Cross-Site Scripting (XSS) exists in the Master File module in SLiMS 8 Akasia 8.3.1 via an admin/modules/master_file/rda_cmc.php?keywords=...
CVSS: 6.1, AI Score: 6, EPSS: 0.001