Lucene search
China National Vulnerability DatabaseCNVD-2022-84050HistoryMar 21, 2022 - 12:00 a.m.
Slims8 Akasia SQL Injection Vulnerability
2022-03-2100:00:00
China National Vulnerability Database
www.cnvd.org.cn
14
0.001 Low
EPSS
Percentile
37.9%
Slims8 Akasia is a software of the Slims community in Indonesia. It is used for library resource management (e.g. books, journals, digital documents and other library materials) and administration.An SQL injection vulnerability exists in Slims8 Akasia version 8.3.1, which stems from missing SQL statements in /admin/modules/bibliography/index.php, /admin/modules/membership/member_type.php, /admin/modules/system/user_ group.php and /admin/modules/membership/index.php lack escaping and filtering of user-submitted SQL statements in the dir parameter. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| slims slims8 akasia | eq | 8.3.1 |
Related
osv
osv
CVE-2021-45791
2022-03-17 11:15:07
nvd
nvd
CVE-2021-45791
2022-03-17 11:15:07
cvelist
cvelist
CVE-2021-45791
2022-03-17 10:35:45
prion
prion
Sql injection
2022-03-17 11:15:00
cve
cve
CVE-2021-45791
2022-03-17 11:15:07