60 matches found
Slims9 Bulian 9.4.2 - SQL Injection
Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be obtained. id: CVE-2021-45793 info: name: Slims9 Bulian 9.4.2 - SQL Injection author: nblirwn severity: high description: | Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data c...
EUVD-2025-35092
An issue in Senayan Library Management System SLiMS 9 Bulian v.9.6.1 allows a remote attacker to execute arbitrary code via the scrapimage.php component and the imageURL parameter...
EUVD-2025-3062
Malicious code in bioql PyPI...
EUVD-2022-40884
Malicious code in bioql PyPI...
EUVD-2022-40883
Malicious code in bioql PyPI...
EUVD-2022-46400
Malicious code in bioql PyPI...
EUVD-2022-46401
Malicious code in bioql PyPI...
CVE-2025-22980
A SQL Injection vulnerability exists in Senayan Library Management System SLiMS 9 Bulian 9.6.1 via the tempLoanID parameter in the loan form on /admin/modules/circulation/loan.php...
CVE-2022-43361
Senayan Library Management System v9.4.2 was discovered to contain a cross-site scripting XSS vulnerability via the component popchart.php...
CVE-2022-43362
Senayan Library Management System v9.4.2 was discovered to contain a SQL injection vulnerability via the collType parameter at loanbyclass.php...
CVE-2025-22980
A SQL Injection vulnerability exists in Senayan Library Management System SLiMS 9 Bulian 9.6.1 via the tempLoanID parameter in the loan form on /admin/modules/circulation/loan.php...
CVE-2025-22980
A SQL Injection vulnerability exists in Senayan Library Management System SLiMS 9 Bulian 9.6.1 via the tempLoanID parameter in the loan form on /admin/modules/circulation/loan.php...
CVE-2025-22980
A SQL Injection vulnerability exists in Senayan Library Management System SLiMS 9 Bulian 9.6.1 via the tempLoanID parameter in the loan form on /admin/modules/circulation/loan.php...
CVE-2025-22980
A SQL Injection vulnerability exists in Senayan Library Management System SLiMS 9 Bulian 9.6.1 via the tempLoanID parameter in the loan form on /admin/modules/circulation/loan.php...
CVE-2025-22980
This entry documents a SQL Injection vulnerability in Senayan Library Management System SLiMS 9 Bulian 9.6.1, exploitable via the tempLoanID parameter in the loan form at /admin/modules/circulation/loan.php. The CVSS metrics indicate a Network attack vector with Low attack complexity, requiring H...
CVE-2023-48893
SLiMS aka SENAYAN Library Management System through 9.6.1 allows admin/modules/reporting/customs/staffact.php SQL Injection via startDate or untilDate...
CVE-2023-48813
CVE-2023-48813 affects Senayan Library Management System (Slims) 9 Bulian v9.6.1. A SQL Injection vulnerability exists in admin/modules/reporting/customs/fines_report.php due to unsafe handling of input. The issue is exploitable via that endpoint, with a high impact (C/H/I/A = high as per CVSS) a...
CVE-2023-40970
Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is vulnerable to SQL Injection via admin/modules/circulation/loanrules.php...
PT-2023-27726 · Senayan Library Management System · Slims
Name of the Vulnerable Software and Affected Versions: Senayan Library Management Systems SLIMS 9 Bulian version 9.6.1 Description: The issue concerns SQL Injection. It affects the admin/modules/circulation/loan rules.php endpoint. Recommendations: For version 9.6.1, consider restricting access t...
PT-2023-27724 · Senayan Library Management System · Slims
Name of the Vulnerable Software and Affected Versions: Senayan Library Management Systems SLIMS 9 Bulian version 9.6.1 Description: The issue is related to Server Side Request Forgery SSRF and can be exploited via the "admin/modules/bibliography/pop p2p.php" endpoint. This allows for potentially...