Senayan_library_management_system - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Senayan_library_management_system
(Slims)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	19

Date	Id	Summary	Products	Score	Patch	Annotated
2022-11-01	CVE-2022-43361	Senayan Library Management System v9.4.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the component pop_chart.php.	Senayan_library_management_system	4.8
2022-11-01	CVE-2022-43361	Senayan Library Management System v9.4.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the component pop_chart.php.	Senayan_library_management_system	4.8
2022-11-01	CVE-2022-43362	Senayan Library Management System v9.4.2 was discovered to contain a SQL injection vulnerability via the collType parameter at loan_by_class.php.	Senayan_library_management_system	7.2
2024-02-21	CVE-2024-25288	SLIMS (Senayan Library Management Systems) 9 Bulian v9.6.1 is vulnerable to SQL Injection via pop-scope-vocabolary.php.	Senayan_library_management_system	N/A
2024-02-21	CVE-2024-25288	SLIMS (Senayan Library Management Systems) 9 Bulian v9.6.1 is vulnerable to SQL Injection via pop-scope-vocabolary.php.	Senayan_library_management_system	N/A
2025-02-24	CVE-2025-26200	SQL injection in SLIMS v.9.6.1 allows a remote attacker to escalate privileges via the month parameter in the visitor_report_day.php component.	Senayan_library_management_system	N/A
2023-04-14	CVE-2023-29850	SENAYAN Library Management System (SLiMS) Bulian v9.5.2 does not strip exif data from uploaded images. This allows attackers to obtain information such as the user's geolocation and device information.	Senayan_library_management_system	7.5
2022-03-17	CVE-2021-45791	Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/modules/membership/member_type.php, /admin/modules/system/user_group.php, and /admin/modules/membership/index.php through the dir parameter. It can be used by remotely authenticated librarian users.	Senayan_library_management_system	8.8
2022-03-17	CVE-2021-45792	Slims9 Bulian 9.4.2 is affected by Cross Site Scripting (XSS) in /admin/modules/system/custom_field.php.	Senayan_library_management_system	4.8
2022-03-17	CVE-2021-45794	Slims9 Bulian 9.4.2 is affected by SQL injection in /admin/modules/system/backup.php. User data can be obtained.	Senayan_library_management_system	7.5