Vulnerabilities > Slims > High

DATE CVE VULNERABILITY TITLE RISK
2022-03-17 CVE-2021-45791 SQL Injection vulnerability in Slims Senayan Library Management System 8.3.1
Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/modules/membership/member_type.php, /admin/modules/system/user_group.php, and /admin/modules/membership/index.php through the dir parameter.
network
low complexity
slims CWE-89
8.8
8.8
2017-08-06 CVE-2017-12585 SQL Injection vulnerability in Slims Akasia
SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAX_lookup_handler.php (tableName and tableFields parameters), admin/AJAX_check_id.php, and admin/AJAX_vocabolary_control.php.
network
low complexity
slims CWE-89
8.8
8.8
2017-08-06 CVE-2017-12584 Cross-Site Request Forgery (CSRF) vulnerability in Slims Senayan Library Management System
There is no CSRF mitigation in SLiMS 8 Akasia through 8.3.1.
network
low complexity
slims CWE-352
8.8
8.8