Slims

27 CVEs • 4 products

Products (4)

CVEs (27)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Slims
1Senayan Library Management System Bulian
Jun 17, 2025
May 8, 2025
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is vulnerable to SQL Injection in admin/modules/bibliography/pop_author_edit.php.
1Slims
1Senayan Library Management System Bulian
Jun 17, 2025
May 8, 2025
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is vulnerable to SQL Injection in admin/modules/master_file/author.php.
1Slims
1Senayan Library Management System Bulian
Jun 17, 2025
May 8, 2025
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is vulnerable to SQL Injection in admin/modules/master_file/item_status.php.
1Slims
1Senayan Library Management System
May 1, 2025
Feb 24, 2025
N/A· v4
7.2 HIGH· v3
N/A· v2
SQL injection in SLIMS v.9.6.1 allows a remote attacker to escalate privileges via the month parameter in the visitor_report_day.php component.
1Slims
1Senayan Library Management System Bulian
Jun 18, 2025
Jan 22, 2025
N/A· v4
6.7 MEDIUM· v3
N/A· v2
A SQL Injection vulnerability exists in Senayan Library Management System SLiMS 9 Bulian 9.6.1 via the tempLoanID parameter in the loan form on /admin/modules/circulation/loan.php.
1Slims
1Senayan Library Management System
May 5, 2025
Feb 21, 2024
N/A· v4
4.9 MEDIUM· v3
N/A· v2
SLIMS (Senayan Library Management Systems) 9 Bulian v9.6.1 is vulnerable to SQL Injection via pop-scope-vocabolary.php.
1Slims
1Senayan Library Management System Bulian
Nov 21, 2024
Dec 1, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
SLiMS (aka SENAYAN Library Management System) through 9.6.1 allows admin/modules/reporting/customs/staff_act.php SQL Injection via startDate or untilDate.
1Slims
1Senayan Library Management System Bulian
Nov 21, 2024
Dec 1, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Senayan Library Management Systems (Slims) 9 Bulian v9.6.1 is vulnerable to SQL Injection via admin/modules/reporting/customs/fines_report.php.
1Slims
2Senayan Library Management System
Senayan Library Management System Bulian
Nov 21, 2024
Oct 31, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
SQL injection vulnerability in Senayan Library Management Systems Slims v.9 and Bulian v.9.6.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted script to the reborrowLimit parameter in the member_type.php.
1Slims
1Senayan Library Management System
Nov 21, 2024
Oct 2, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Server-Side Request Forgery vulnerability in SLims version 9.6.0. This vulnerability could allow an authenticated attacker to send requests to internal services or upload the contents of relevant files via the "scrape_image.php" file in the imageURL parameter.
1Slims
1Senayan Library Management System
Nov 21, 2024
Sep 1, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is vulnerable to SQL Injection via admin/modules/circulation/loan_rules.php.
1Slims
1Senayan Library Management System
Nov 21, 2024
Sep 1, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable to Server Side Request Forgery (SSRF) via admin/modules/bibliography/pop_p2p.php.
1Slims
1Senayan Library Management System
Feb 6, 2025
Apr 14, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
SENAYAN Library Management System (SLiMS) Bulian v9.5.2 does not strip exif data from uploaded images. This allows attackers to obtain information such as the user's geolocation and device information.
1Slims
1Senayan Library Management System
Apr 24, 2025
Dec 5, 2022
N/A· v4
7.5 HIGH· v3
N/A· v2
SLiMS 9 Bulian v9.5.0 was discovered to contain a SQL injection vulnerability via the keywords parameter.
1Slims
1Senayan Library Management System
May 5, 2025
Nov 1, 2022
N/A· v4
7.2 HIGH· v3
N/A· v2
Senayan Library Management System v9.4.2 was discovered to contain a SQL injection vulnerability via the collType parameter at loan_by_class.php.
1Slims
1Senayan Library Management System
May 5, 2025
Nov 1, 2022
N/A· v4
4.8 MEDIUM· v3
N/A· v2
Senayan Library Management System v9.4.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the component pop_chart.php.
1Slims
1Senayan Library Management System
Nov 21, 2024
Sep 12, 2022
N/A· v4
9.8 CRITICAL· v3
N/A· v2
SLiMS Senayan Library Management System v9.4.2 was discovered to contain multiple Server-Side Request Forgeries via the components /bibliography/marcsru.php and /bibliography/z3950sru.php.
1Slims
1Senayan Library Management System
Nov 21, 2024
Sep 12, 2022
N/A· v4
6.1 MEDIUM· v3
N/A· v2
SLiMS Senayan Library Management System v9.4.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Search function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search bar.
1Slims
1Senayan Library Management System
Nov 21, 2024
Mar 17, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Slims9 Bulian 9.4.2 is affected by SQL injection in /admin/modules/system/backup.php. User data can be obtained.
1Slims
1Senayan Library Management System
Nov 21, 2024
Mar 17, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be obtained.