Senayan Library Management System Security Vulnerabilities and Issues — Senayan Library Management System CVE List

Lucene search

SlimsSenayan Library Management System

5 matches found

CVE•added 2023/10/02 2:15 p.m.•40 views

CVE-2023-3744

Server-Side Request Forgery vulnerability in SLims version 9.6.0. This vulnerability could allow an authenticated attacker to send requests to internal services or upload the contents of relevant files via the "scrape_image.php" file in the imageURL parameter.

9.9CVSS9.1AI score0.00075EPSS

CVE•added 2023/09/01 11:15 a.m.•34 views

CVE-2023-40970

Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is vulnerable to SQL Injection via admin/modules/circulation/loan_rules.php.

8.8CVSS9AI score0.00087EPSS

CVE•added 2023/04/14 2:15 p.m.•31 views

CVE-2023-29850

SENAYAN Library Management System (SLiMS) Bulian v9.5.2 does not strip exif data from uploaded images. This allows attackers to obtain information such as the user's geolocation and device information.

7.5CVSS7.3AI score0.00193EPSS

CVE•added 2023/09/01 11:15 a.m.•28 views

CVE-2023-40969

Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable to Server Side Request Forgery (SSRF) via admin/modules/bibliography/pop_p2p.php.

6.1CVSS6.2AI score0.00098EPSS

CVE•added 2023/10/31 6:15 a.m.•27 views

CVE-2023-45996

SQL injection vulnerability in Senayan Library Management Systems Slims v.9 and Bulian v.9.6.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted script to the reborrowLimit parameter in the member_type.php.

8.8CVSS8.7AI score0.02021EPSS