Vulnerabilities > Slims

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-17	CVE-2021-45793	SQL Injection vulnerability in Slims Senayan Library Management System 9.4.2 Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. network low complexity slims CWE-89	5.0
2022-03-17	CVE-2021-45794	SQL Injection vulnerability in Slims Senayan Library Management System 9.4.2 Slims9 Bulian 9.4.2 is affected by SQL injection in /admin/modules/system/backup.php. network low complexity slims CWE-89	5.0
2022-03-17	CVE-2021-45791	SQL Injection vulnerability in Slims Senayan Library Management System 8.3.1 Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/modules/membership/member_type.php, /admin/modules/system/user_group.php, and /admin/modules/membership/index.php through the dir parameter. network low complexity slims CWE-89	6.5
2022-03-17	CVE-2021-45792	Cross-site Scripting vulnerability in Slims Senayan Library Management System 9.4.2 Slims9 Bulian 9.4.2 is affected by Cross Site Scripting (XSS) in /admin/modules/system/custom_field.php. network slims CWE-79	3.5
2017-08-06	CVE-2017-12586	Path Traversal vulnerability in Slims Akasia SLiMS 8 Akasia through 8.3.1 has an arbitrary file reading issue because of directory traversal in the url parameter to admin/help.php. network low complexity slims CWE-22	4.0
2017-08-06	CVE-2017-12585	SQL Injection vulnerability in Slims Akasia SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAX_lookup_handler.php (tableName and tableFields parameters), admin/AJAX_check_id.php, and admin/AJAX_vocabolary_control.php. network low complexity slims CWE-89	6.5
2017-08-06	CVE-2017-12584	Cross-Site Request Forgery (CSRF) vulnerability in Slims Senayan Library Management System There is no CSRF mitigation in SLiMS 8 Akasia through 8.3.1. network slims CWE-352	6.8
2017-03-23	CVE-2017-7242	Cross-site Scripting vulnerability in Slims Slims7 Cendana Multiple Cross-Site Scripting (XSS) were discovered in admin/modules components in SLiMS 7 Cendana through 2017-03-23: the keywords parameter to bibliography/checkout_item.php, bibliography/dl_print.php, bibliography/item.php, bibliography/item_barcode_generator.php, bibliography/printed_card.php, circulation/loan_rules.php, master_file/author.php, master_file/coll_type.php, and master_file/doc_language.php and the quickReturnID field to circulation/ajax_action.php. network slims CWE-79	4.3
2017-03-21	CVE-2017-7202	Cross-site Scripting vulnerability in Slims Slims7 Cendana Multiple Cross-Site Scripting (XSS) were discovered in SLiMS 7 Cendana before 2017-03-16. network slims CWE-79	4.3

Vulnerabilities > Slims {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Slims"}]}

Vulnerabilities > Slims