CVE-2022-50805

Senayan Library Management System 9.0.0 - SQL Injection

CVSS 8.8 HIGHEPSS 0.3%CWE-89

Senayan Library Management System 9.0.0 contains a SQL injection vulnerability in the 'class' parameter that allows attackers to inject malicious SQL queries. Attackers can exploit the vulnerability by submitting crafted payloads to manipulate database queries and potentially extract sensitive information.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

Affected products

SLIMS · Senayan Library Management System

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/slims.web.id/SLIMS-9.0.0/SQLi https://slims.web.id/web/https://www.exploit-db.com/exploits/51161 https://www.vulncheck.com/advisories/senayan-library-management-system-sql-injection