Akasia Security Vulnerabilities and Issues — Akasia CVE List

Lucene search

SlimsAkasia

2 matches found

CVE•added 2017/08/06 3:29 a.m.•48 views

CVE-2017-12586

SLiMS 8 Akasia through 8.3.1 has an arbitrary file reading issue because of directory traversal in the url parameter to admin/help.php. It can be exploited by remote authenticated librarian users.

6.5CVSS6.3AI score0.00441EPSS

CVE•added 2017/08/06 3:29 a.m.•44 views

CVE-2017-12585

SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAX_lookup_handler.php (tableName and tableFields parameters), admin/AJAX_check_id.php, and admin/AJAX_vocabolary_control.php. It can be exploited by remote authenticated librarian users.

8.8CVSS8.8AI score0.00427EPSS