SQL Injection Vulnerability in Senayan Library Management System by Senayan
CVE-2025-22980
6.7MEDIUM
What is CVE-2025-22980?
A SQL Injection vulnerability has been identified in the Senayan Library Management System SLiMS 9 Bulian version 9.6.1. This vulnerability arises from improper handling of the tempLoanID parameter within the loan form located at /admin/modules/circulation/loan.php. Exploitation of this SQL Injection flaw could allow attackers to execute arbitrary SQL queries, potentially leading to unauthorized access to sensitive data or manipulation of database contents.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved