Senayan Library Management System Security Vulnerabilities and Issues — Senayan Library Management System CVE List

Lucene search

SlimsSenayan Library Management System

9 matches found

CVE•added 2022/03/17 12:15 p.m.•138 views

CVE-2021-45793

Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be obtained.

7.5CVSS7.9AI score0.19286EPSS

CVE•added 2022/03/17 11:15 a.m.•88 views

CVE-2021-45792

Slims9 Bulian 9.4.2 is affected by Cross Site Scripting (XSS) in /admin/modules/system/custom_field.php.

4.8CVSS4.9AI score0.00207EPSS

CVE•added 2022/03/17 11:15 a.m.•79 views

CVE-2021-45791

Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/modules/membership/member_type.php, /admin/modules/system/user_group.php, and /admin/modules/membership/index.php through the dir parameter. It can be used by remotely authenticated librarian users.

8.8CVSS9AI score0.00332EPSS

CVE•added 2022/03/17 12:15 p.m.•73 views

CVE-2021-45794

Slims9 Bulian 9.4.2 is affected by SQL injection in /admin/modules/system/backup.php. User data can be obtained.

7.5CVSS7.9AI score0.00233EPSS

CVE•added 2022/09/12 9:15 p.m.•53 views

CVE-2022-38291

SLiMS Senayan Library Management System v9.4.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Search function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search bar.

6.1CVSS5.9AI score0.00106EPSS

CVE•added 2022/09/12 9:15 p.m.•52 views

CVE-2022-38292

SLiMS Senayan Library Management System v9.4.2 was discovered to contain multiple Server-Side Request Forgeries via the components /bibliography/marcsru.php and /bibliography/z3950sru.php.

9.8CVSS9.5AI score0.00106EPSS

CVE•added 2022/12/05 11:15 p.m.•45 views

CVE-2022-45019

SLiMS 9 Bulian v9.5.0 was discovered to contain a SQL injection vulnerability via the keywords parameter.

7.5CVSS7.8AI score0.00066EPSS

CVE•added 2022/11/01 7:15 p.m.•38 views

CVE-2022-43362

Senayan Library Management System v9.4.2 was discovered to contain a SQL injection vulnerability via the collType parameter at loan_by_class.php.

7.2CVSS7.2AI score0.0008EPSS

CVE•added 2022/11/01 7:15 p.m.•35 views

CVE-2022-43361

Senayan Library Management System v9.4.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the component pop_chart.php.

4.8CVSS4.9AI score0.0008EPSS