Filtered by vendor Slims Akasia Project
Subscribe
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-12657 | 1 Slims Akasia Project | 1 Slims Akasia | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
Reflected Cross-Site Scripting (XSS) exists in the Master File module in SLiMS 8 Akasia 8.3.1 via an admin/modules/master_file/rda_cmc.php?keywords= URI. | |||||
CVE-2018-12656 | 1 Slims Akasia Project | 1 Slims Akasia | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
Reflected Cross-Site Scripting (XSS) exists in the Membership module in SLiMS 8 Akasia 8.3.1 via an admin/modules/membership/index.php?keywords= URI. | |||||
CVE-2018-12654 | 1 Slims Akasia Project | 1 Slims Akasia | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
Reflected Cross-Site Scripting (XSS) exists in the Bibliography module in SLiMS 8 Akasia 8.3.1 via an admin/modules/bibliography/index.php?keywords= URI. | |||||
CVE-2018-12655 | 1 Slims Akasia Project | 1 Slims Akasia | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
Reflected Cross-Site Scripting (XSS) exists in the Circulation module in SLiMS 8 Akasia 8.3.1 via an admin/modules/circulation/loan_rules.php?keywords= URI, a related issue to CVE-2017-7242. | |||||
CVE-2018-12659 | 1 Slims Akasia Project | 1 Slims Akasia | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
SLiMS 8 Akasia 8.3.1 allows remote attackers to bypass the CSRF protection mechanism and obtain admin access by omitting the csrf_token parameter. |