4 matches found
CVE-2017-12585
SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAXlookuphandler.php tableName and tableFields parameters, admin/AJAXcheckid.php, and admin/AJAXvocabolarycontrol.php. It can be exploited by remote authenticated librarian users...
SLiMS 8 Akasia Membership Module Cross-Site Scripting Vulnerability
SLiMS 8 Akasia is an open source, free library management system.Membership module is one of the membership management modules. A cross-site scripting vulnerability exists in the Membership module in SLiMS 8 Akasia version 8.3.1. A remote attacker can use...
SLiMS 8 Akasia Circulation Module Cross-Site Scripting Vulnerability
SLiMS 8 Akasia is an open source, free library management system.Circulation module is one of the circulation modules. A cross-site scripting vulnerability exists in the Circulation module in SLiMS 8 Akasia version 8.3.1. A remote attacker can exploit this vulnerability to obtain an administrator...
SLiMS SQL Injection Vulnerability
SLiMS 8 Akasia is an open source, free library management system. An SQL injection vulnerability exists in the admin/AJAXlookuphandler.php file, the admin/AJAXcheckid.php file, and the admin/AJAXvocabolarycontrol.php file in SLiMS 8 Akasia 8.3.1 and earlier versions. A remote attacker can exploit...