106 matches found
Slims9 Bulian 9.4.2 - SQL Injection
Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be obtained. id: CVE-2021-45793 info: name: Slims9 Bulian 9.4.2 - SQL Injection author: nblirwn severity: high description: | Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data c...
CVE-2022-50805
Senayan Library Management System 9.0.0 contains a SQL injection vulnerability in the 'class' parameter that allows attackers to inject malicious SQL queries. Attackers can exploit the vulnerability by submitting crafted payloads to manipulate database queries and potentially extract sensitive...
CVE-2022-50805 Senayan Library Management System 9.0.0 - SQL Injection
Senayan Library Management System 9.0.0 contains a SQL injection vulnerability in the 'class' parameter that allows attackers to inject malicious SQL queries. Attackers can exploit the vulnerability by submitting crafted payloads to manipulate database queries and potentially extract sensitive...
PT-2026-2362
Senayan Library Management System 9.0.0 contains a SQL injection vulnerability in the 'class' parameter that allows attackers to inject malicious SQL queries. Attackers can exploit the vulnerability by submitting crafted payloads to manipulate database queries and potentially extract sensitive...
CVE-2023-40970
Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is vulnerable to SQL Injection via admin/modules/circulation/loanrules.php...
CVE-2023-40969
Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable to Server Side Request Forgery SSRF via admin/modules/bibliography/popp2p.php...
EUVD-2025-203916
Reflected cross-site scripting XSS in SLiMS slims9bulian before 9.6.0 via improper handling of $SERVER'PHPSELF' in index.php/sysconfig.inc.php, which allows remote attackers to execute arbitrary JavaScript in a victim's browser by supplying a crafted URL path...
EUVD-2025-35092
An issue in Senayan Library Management System SLiMS 9 Bulian v.9.6.1 allows a remote attacker to execute arbitrary code via the scrapimage.php component and the imageURL parameter...
CVE-2025-61488
An issue in Senayan Library Management System SLiMS 9 Bulian v.9.6.1 allows a remote attacker to execute arbitrary code via the scrapimage.php component and the imageURL parameter...
EUVD-2022-46400
Malicious code in bioql PyPI...
EUVD-2022-46401
Malicious code in bioql PyPI...
EUVD-2022-40884
Malicious code in bioql PyPI...
EUVD-2025-12648
Malicious code in bioql PyPI...
EUVD-2023-50258
Malicious code in bioql PyPI...
EUVD-2023-45509
Malicious code in bioql PyPI...
EUVD-2023-45508
Malicious code in bioql PyPI...
EUVD-2022-40883
Malicious code in bioql PyPI...
EUVD-2025-3062
Malicious code in bioql PyPI...
CVE-2025-22980
A SQL Injection vulnerability exists in Senayan Library Management System SLiMS 9 Bulian 9.6.1 via the tempLoanID parameter in the loan form on /admin/modules/circulation/loan.php...
CVE-2024-25288
SLIMS Senayan Library Management Systems 9 Bulian v9.6.1 is vulnerable to SQL Injection via pop-scope-vocabolary.php...