28 matches found
@openinc/parse-server-opendash (>=4.0.0 <=4.0.10) potentially affected by CVE-2026-34363 via parse-server (>=9.6.0-alpha.37 <=9.6.1)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.10 Source cves: CVE-2026-34363 Source advisory: SNYK:JS-PARSESERVER-15855398...
CVE-2023-40970
Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is vulnerable to SQL Injection via admin/modules/circulation/loanrules.php...
CVE-2025-64193
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in 8theme XStore xstore allows PHP Local File Inclusion. This issue affects XStore: from n/a through 9.6.1...
CVE-2023-48813
Senayan Library Management Systems Slims 9 Bulian v9.6.1 is vulnerable to SQL Injection via admin/modules/reporting/customs/finesreport.php...
CVE-2023-48893
SLiMS aka SENAYAN Library Management System through 9.6.1 allows admin/modules/reporting/customs/staffact.php SQL Injection via startDate or untilDate...
PT-2025-20386 · Slims · Slims
Name of the Vulnerable Software and Affected Versions: Slims Senayan Library Management Systems version 9.6.1 Description: The issue is related to SQL Injection in the admin/modules/masterfile/itemstatus.php file. This allows for potential exploitation. No information is provided about the...
CVE-2025-45818
Slims Senayan Library Management Systems 9 Bulian 9.6.1 is vulnerable to SQL Injection in admin/modules/masterfile/itemstatus.php...
PT-2025-20387 · Slims · Slims
Name of the Vulnerable Software and Affected Versions: Slims Senayan Library Management Systems version 9.6.1 Description: The issue is related to SQL Injection in the admin/modules/masterfile/author.php file. This allows for potential exploitation. No information is provided about the estimated...
PT-2025-18184 · Slims · Slims
Name of the Vulnerable Software and Affected Versions: Slims Senayan Library Management Systems version 9.6.1 Description: The issue is related to SQL Injection in the admin/modules/masterfile/colltype.php file. This allows for potential exploitation. No information is provided about the...
CVE-2025-25403
Slims Senayan Library Management Systems 9 Bulian V9.6.1 is vulnerable to SQL Injection in admin/modules/masterfile/colltype.php...
CVE-2025-26200
SQL injection in SLIMS v.9.6.1 allows a remote attacker to escalate privileges via the month parameter in the visitorreportday.php component...
SLiMS Security Vulnerability
SLiMS Senayan Library Management System is a free library management system from SLiMS open source. A security vulnerability exists in SLiMS version 9.6.1, which stems from the month parameter of monitorreportday.php not being handled correctly, allowing remote attackers to elevate privileges...
PT-2025-7773 · Slims · Slims
Name of the Vulnerable Software and Affected Versions: SLIMS version 9.6.1 Description: The issue allows a remote attacker to escalate privileges via the month parameter in the visitorreportday.php component. This is a result of SQL injection in the affected software. Recommendations: For SLIMS...
CVE-2025-22980
A SQL Injection vulnerability exists in Senayan Library Management System SLiMS 9 Bulian 9.6.1 via the tempLoanID parameter in the loan form on /admin/modules/circulation/loan.php...
PT-2024-39738 · WordPress · Wp Recipe Maker
Name of the Vulnerable Software and Affected Versions: WP Recipe Maker plugin for WordPress versions up to, and including, 9.6.1 Description: The issue is related to Stored Cross-Site Scripting via the tooltip parameter due to insufficient input sanitization and output escaping. This allows...
CVE-2024-31859 Member promoted to channel admin via playbooks run linking to channel
Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1 and 8.1.x <= 8.1.12 fail to perform proper authorization checks which allows a member running a playbook in an existing channel to be promoted to a channel admin...
CVE-2024-4183
Mattermost versions 8.1.x before 8.1.12, 9.6.x before 9.6.1, 9.5.x before 9.5.3, 9.4.x before 9.4.5 fail to limit the number of active sessions, which allows an authenticated attacker to crash the server via repeated requests to the getSessions API after flooding the sessions table...
PT-2023-29784 · Senayan · Slims Senayan Library Management System +1
Name of the Vulnerable Software and Affected Versions: Senayan Library Management Systems Slims version 9 Senayan Library Management Systems Bulian version 9.6.1 Description: The issue allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted script to the...
PT-2023-27726 · Senayan Library Management System · Slims
Name of the Vulnerable Software and Affected Versions: Senayan Library Management Systems SLIMS 9 Bulian version 9.6.1 Description: The issue concerns SQL Injection. It affects the admin/modules/circulation/loanrules.php endpoint. Recommendations: For version 9.6.1, consider restricting access t...