NotCVE - vendor:"Slims" product:"Senayan Library Management System Bulian" version:"9.6.1"

3 results (0.015 seconds)

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 2

CVE-2023-48893

https://notcve.org/view.php?id=CVE-2023-48893

01 Dec 2023 — SLiMS (aka SENAYAN Library Management System) through 9.6.1 allows admin/modules/reporting/customs/staff_act.php SQL Injection via startDate or untilDate. Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 es vulnerable a la inyección SQL a través de admin/modules/reporting/customs/staff_act.php. • https://github.com/Vuln0wned/slims_owned/blob/main/slims/slims9-bulian-9.6.1-SQLI-staff_act.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 2

CVE-2023-48813

https://notcve.org/view.php?id=CVE-2023-48813

01 Dec 2023 — Senayan Library Management Systems (Slims) 9 Bulian v9.6.1 is vulnerable to SQL Injection via admin/modules/reporting/customs/fines_report.php. Senayan Library Management Systems (Slims) 9 Bulian v9.6.1 es vulnerable a la inyección SQL a través de admin/modules/reporting/customs/fines_report.php. • https://github.com/komangsughosa/CVE-ID-not-yet/blob/main/slims/slims9_bulian-9.6.1-SQLI-fines_report.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.0EPSS: 2%CPEs: 2EXPL: 2

CVE-2023-45996

https://notcve.org/view.php?id=CVE-2023-45996

31 Oct 2023 — SQL injection vulnerability in Senayan Library Management Systems Slims v.9 and Bulian v.9.6.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted script to the reborrowLimit parameter in the member_type.php. Vulnerabilidad de inyección SQL en Senayan Library Management Systems Slims v.9 y Bulian v.9.6.1 permite a un atacante remoto obtener información confidencial y ejecutar código arbitrario a través de un script manipulado para el parámetro reborrowLimit en m... • https://github.com/Vuln0wned/slims_owned/blob/main/slims/slims9-bulian-9.6.1-SQLI-member_type.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •