58 matches found
EUVD-2017-4157
Malware in sbrugna...
EUVD-2018-4611
Malware in sbrugna...
EUVD-2018-4610
Malware in sbrugna...
EUVD-2017-4155
Malware in sbrugna...
EUVD-2021-32509
Malicious code in bioql PyPI...
CVE-2021-45791
Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/modules/membership/membertype.php, /admin/modules/system/usergroup.php, and /admin/modules/membership/index.php through the dir parameter. It can be used by remotely authenticated librarian users...
CVE-2017-12585
SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAXlookuphandler.php tableName and tableFields parameters, admin/AJAXcheckid.php, and admin/AJAXvocabolarycontrol.php. It can be exploited by remote authenticated librarian users...
akasiayachting.com Cross Site Scripting vulnerability OBB-3774010
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Slims8 Akasia SQL Injection Vulnerability
Slims8 Akasia is a software of the Slims community in Indonesia. It is used for library resource management e.g. books, journals, digital documents and other library materials and administration.An SQL injection vulnerability exists in Slims8 Akasia version 8.3.1, which stems from missing SQL...
CVE-2021-45791
Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/modules/membership/membertype.php, /admin/modules/system/usergroup.php, and /admin/modules/membership/index.php through the dir parameter. It can be used by remotely authenticated librarian users...
CVE-2021-45791
Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/modules/membership/membertype.php, /admin/modules/system/usergroup.php, and /admin/modules/membership/index.php through the dir parameter. It can be used by remotely authenticated librarian users...
Sql injection
Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/modules/membership/membertype.php, /admin/modules/system/usergroup.php, and /admin/modules/membership/index.php through the dir parameter. It can be used by remotely authenticated librarian users...
CVE-2021-45791
Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/modules/membership/membertype.php, /admin/modules/system/usergroup.php, and /admin/modules/membership/index.php through the dir parameter. It can be used by remotely authenticated librarian users...
CVE-2021-45791
CVE-2021-45791 affects Slims8 Akasia 8.3.1. A SQL injection exists in multiple admin modules (bibliography, member_type, user_group, membership index) via the dir parameter, due to insufficient input escaping/validation. Exploitation is described as feasible by remotely authenticated librarian us...
SLiMS 8 Akasia Circulation Module Cross-Site Scripting Vulnerability
SLiMS 8 Akasia is an open source, free library management system.Circulation module is one of the circulation modules. A cross-site scripting vulnerability exists in the Circulation module in SLiMS 8 Akasia version 8.3.1. A remote attacker can exploit this vulnerability to obtain an administrator...
SLiMS 8 Akasia Bibliography Module Cross-Site Scripting Vulnerability
SLiMS 8 Akasia is an open source, free library management system.Bibliography module is one of the bibliographic synopsis modules. A cross-site scripting vulnerability exists in the Bibliography module in SLiMS 8 Akasia version 8.3.1. A remote attacker can use...
SLiMS 8 CSRF Protection Bypass Vulnerability
SLiMS 8 Akasia is an open source, free library management system. A security vulnerability exists in SLiMS 8 Akasia version 8.3.1. A remote attacker can exploit the vulnerability by removing the 'csrftoken' parameter to bypass cross-site request forgery protection and gain administrator access...
SLiMS 8 Akasia Membership Module Cross-Site Scripting Vulnerability
SLiMS 8 Akasia is an open source, free library management system.Membership module is one of the membership management modules. A cross-site scripting vulnerability exists in the Membership module in SLiMS 8 Akasia version 8.3.1. A remote attacker can use...
SLiMS 8 Akasia Master File Module Cross-Site Scripting Vulnerability
SLiMS 8 Akasia is an open source, free library management system.Master File module is one of the file storage modules. A cross-site scripting vulnerability exists in the Master File module in SLiMS 8 Akasia version 8.3.1. A remote attacker can use admin/modules/masterfile/rdacmc.php?keywords= UR...
Cross site scripting
Reflected Cross-Site Scripting XSS exists in the Circulation module in SLiMS 8 Akasia 8.3.1 via an admin/modules/circulation/loanrules.php?keywords= URI, a related issue to CVE-2017-7242...