230 matches found
SLiMS 9 Bulian SQL注入漏洞
SLiMS 9 Bulian is a free and open source software from the SLiMS community in Indonesia. It is used for library resource management e.g. books, journals, digital files and other library materials and administration. An SQL injection vulnerability exists in SLiMS 9 Bulian version 9.0.0, which stem...
CVE-2023-40969
Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable to Server Side Request Forgery SSRF via admin/modules/bibliography/popp2p.php...
CVE-2022-38291
SLiMS Senayan Library Management System v9.4.2 was discovered to contain a cross-site scripting XSS vulnerability via the Search function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search bar...
CVE-2022-38292
SLiMS Senayan Library Management System v9.4.2 was discovered to contain multiple Server-Side Request Forgeries via the components /bibliography/marcsru.php and /bibliography/z3950sru.php...
CVE-2025-65233
Reflected cross-site scripting XSS in SLiMS slims9bulian before 9.6.0 via improper handling of $SERVER'PHPSELF' in index.php/sysconfig.inc.php, which allows remote attackers to execute arbitrary JavaScript in a victim's browser by supplying a crafted URL path...
CVE-2025-65233
Reflected cross-site scripting XSS in SLiMS slims9bulian before 9.6.0 via improper handling of $SERVER'PHPSELF' in index.php/sysconfig.inc.php, which allows remote attackers to execute arbitrary JavaScript in a victim's browser by supplying a crafted URL path...
CVE-2025-65233
Reflected cross-site scripting XSS in SLiMS slims9bulian before 9.6.0 via improper handling of $SERVER'PHPSELF' in index.php/sysconfig.inc.php, which allows remote attackers to execute arbitrary JavaScript in a victim's browser by supplying a crafted URL path...
CVE-2025-65233
CVE-2025-65233 affects SLiMS (slims9_bulian) prior to 9.6.0. The vulnerability is a reflected XSS in index.php/sysconfig.inc.php caused by improper handling of $_SERVER['PHP_SELF'], allowing remote attackers to trigger arbitrary JavaScript in victims’ browsers via a crafted URL path. Data in conn...
CVE-2025-65233
Reflected cross-site scripting XSS in SLiMS slims9bulian before 9.6.0 via improper handling of $SERVER'PHPSELF' in index.php/sysconfig.inc.php, which allows remote attackers to execute arbitrary JavaScript in a victim's browser by supplying a crafted URL path...
CVE-2025-65233
Reflected cross-site scripting XSS in SLiMS slims9bulian before 9.6.0 via improper handling of $SERVER'PHPSELF' in index.php/sysconfig.inc.php, which allows remote attackers to execute arbitrary JavaScript in a victim's browser by supplying a crafted URL path...
SLiMS 安全漏洞
SLiMS Senayan Library Management System is a free library management system from SLiMS open source. A security vulnerability exists in SLiMS versions prior to 9.6.0, which stems from improper handling of $SERVERPHPSELF in index.php/sysconfig.inc.php, which could lead to a reflected cross-site...
PT-2025-51876
Name of the Vulnerable Software and Affected Versions SLiMS slims9 bulian versions prior to 9.6.0 Description The software contains a reflected cross-site scripting XSS issue due to improper handling of the $ SERVER'PHP SELF' variable in the index.php/sysconfig.inc.php file. This allows a remote...
CVE-2025-61488
An issue in Senayan Library Management System SLiMS 9 Bulian v.9.6.1 allows a remote attacker to execute arbitrary code via the scrapimage.php component and the imageURL parameter...
EUVD-2017-4157
Malware in sbrugna...
EUVD-2017-16239
Malware in sbrugna...
EUVD-2018-4612
Malware in sbrugna...
EUVD-2017-4156
Malware in sbrugna...
EUVD-2018-4613
Malware in sbrugna...
EUVD-2018-4614
Malware in sbrugna...
EUVD-2018-4611
Malware in sbrugna...