VYPR

Library Management System

by Senayan

CVEs (2)

  • CVE-2023-48893HigDec 1, 2023
    risk 0.57cvss 8.8epss 0.01

    SLiMS (aka SENAYAN Library Management System) through 9.6.1 allows admin/modules/reporting/customs/staff_act.php SQL Injection via startDate or untilDate.

  • CVE-2023-29850HigApr 14, 2023
    risk 0.49cvss 7.5epss 0.01

    SENAYAN Library Management System (SLiMS) Bulian v9.5.2 does not strip exif data from uploaded images. This allows attackers to obtain information such as the user's geolocation and device information.