Lucene search
K

7 matches found

OSV
OSV
added 2022/03/17 11:15 a.m.21 views

CVE-2021-45791

Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/modules/membership/membertype.php, /admin/modules/system/usergroup.php, and /admin/modules/membership/index.php through the dir parameter. It can be used by remotely authenticated librarian users...

8.8CVSS7.7AI score0.00954EPSS
Exploits1References1
NVD
NVD
added 2022/03/17 11:15 a.m.11 views

CVE-2021-45791

Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/modules/membership/membertype.php, /admin/modules/system/usergroup.php, and /admin/modules/membership/index.php through the dir parameter. It can be used by remotely authenticated librarian users...

8.8CVSS0.00954EPSS
Exploits1References1
OSV
OSV
added 2017/08/06 3:29 a.m.16 views

CVE-2017-12585

SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAXlookuphandler.php tableName and tableFields parameters, admin/AJAXcheckid.php, and admin/AJAXvocabolarycontrol.php. It can be exploited by remote authenticated librarian users...

8.8CVSS7.7AI score
Exploits0References1
Prion
Prion
added 2017/08/06 3:29 a.m.17 views

Sql injection

SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAXlookuphandler.php tableName and tableFields parameters, admin/AJAXcheckid.php, and admin/AJAXvocabolarycontrol.php. It can be exploited by remote authenticated librarian users...

6.5CVSS8.8AI score0.01745EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2017/08/06 3:0 a.m.60 views

CVE-2017-12586

The CVE-2017-12586 issue affects SLiMS 8 Akasia up to version 8.3.1. Affected component: admin/help.php URL parameter handling, where a directory traversal flaw allows arbitrary file reading. It can be exploited by remote authenticated librarian users. The connected sources confirm the vulnerabil...

6.5CVSS6.3AI score0.02666EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2017/08/06 3:0 a.m.23 views

CVE-2017-12585

SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAXlookuphandler.php tableName and tableFields parameters, admin/AJAXcheckid.php, and admin/AJAXvocabolarycontrol.php. It can be exploited by remote authenticated librarian users...

8.9AI score0.01745EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/08/06 3:0 a.m.42 views

CVE-2017-12586

SLiMS 8 Akasia through 8.3.1 has an arbitrary file reading issue because of directory traversal in the url parameter to admin/help.php. It can be exploited by remote authenticated librarian users...

6.4AI score0.02666EPSS
Exploits1References1
Rows per page
Query Builder