Lucene search

Slims Akasia Security Vulnerabilities

cve

CVE-2018-12659

SLiMS 8 Akasia 8.3.1 allows remote attackers to bypass the CSRF protection mechanism and obtain admin access by omitting the csrf_token...

8.8CVSS

8.7AI Score

0.002EPSS

2018-06-22 03:29 PM

cve

CVE-2018-12654

Reflected Cross-Site Scripting (XSS) exists in the Bibliography module in SLiMS 8 Akasia 8.3.1 via an admin/modules/bibliography/index.php?keywords=...

6.1CVSS

6AI Score

0.001EPSS

2018-06-22 03:29 PM

cve

CVE-2018-12656

Reflected Cross-Site Scripting (XSS) exists in the Membership module in SLiMS 8 Akasia 8.3.1 via an admin/modules/membership/index.php?keywords=...

6.1CVSS

6AI Score

0.001EPSS

2018-06-22 03:29 PM

cve

CVE-2018-12658

Reflected Cross-Site Scripting (XSS) exists in the Stock Take module in SLiMS 8 Akasia 8.3.1 via an admin/modules/stock_take/index.php?keywords=...

6.1CVSS

6AI Score

0.001EPSS

2018-06-22 03:29 PM

cve

CVE-2018-12655

Reflected Cross-Site Scripting (XSS) exists in the Circulation module in SLiMS 8 Akasia 8.3.1 via an admin/modules/circulation/loan_rules.php?keywords= URI, a related issue to...

6.1CVSS

6AI Score

0.001EPSS

2018-06-22 03:29 PM

cve

CVE-2018-12657

Reflected Cross-Site Scripting (XSS) exists in the Master File module in SLiMS 8 Akasia 8.3.1 via an admin/modules/master_file/rda_cmc.php?keywords=...

6.1CVSS

6AI Score

0.001EPSS

2018-06-22 03:29 PM