VYPR

Slims9 Bulian

by Slims

Source repositories

CVEs (7)

  • CVE-2025-25403CriApr 29, 2025
    risk 0.64cvss 9.8epss 0.00

    Slims (Senayan Library Management Systems) 9 Bulian V9.6.1 is vulnerable to SQL Injection in admin/modules/master_file/coll_type.php.

  • CVE-2025-61488HigOct 20, 2025
    risk 0.49cvss 7.6epss 0.00

    An issue in Senayan Library Management System (SLiMS) 9 Bulian v.9.6.1 allows a remote attacker to execute arbitrary code via the scrap_image.php component and the imageURL parameter

  • CVE-2025-65233Dec 17, 2025
    risk 0.00cvss epss 0.00

    Reflected cross-site scripting (XSS) in SLiMS (slims9_bulian) before 9.6.0 via improper handling of $_SERVER['PHP_SELF' ] in index.php/sysconfig.inc.php, which allows remote attackers to execute arbitrary JavaScript in a victim's browser by supplying a crafted URL path.

  • CVE-2024-25288Feb 21, 2024
    risk 0.00cvss epss 0.01

    SLIMS (Senayan Library Management Systems) 9 Bulian v9.6.1 is vulnerable to SQL Injection via pop-scope-vocabolary.php.

  • CVE-2023-48813Dec 1, 2023
    risk 0.00cvss epss 0.01

    Senayan Library Management Systems (Slims) 9 Bulian v9.6.1 is vulnerable to SQL Injection via admin/modules/reporting/customs/fines_report.php.

  • CVE-2022-45019Dec 5, 2022
    risk 0.00cvss epss 0.01

    SLiMS 9 Bulian v9.5.0 was discovered to contain a SQL injection vulnerability via the keywords parameter.

  • CVE-2021-45794Mar 17, 2022
    risk 0.00cvss epss 0.01

    Slims9 Bulian 9.4.2 is affected by SQL injection in /admin/modules/system/backup.php. User data can be obtained.