CVE-2022-50805

HIGH

Senayan Library Management System 9.0.0 - SQL Injection

Title source: llm

Description

Senayan Library Management System 9.0.0 contains a SQL injection vulnerability in the 'class' parameter that allows attackers to inject malicious SQL queries. Attackers can exploit the vulnerability by submitting crafted payloads to manipulate database queries and potentially extract sensitive information.

Exploits (1)

exploitdb WORKING POC

by nu11secur1ty · textwebappsphp

https://www.exploit-db.com/exploits/51161

View Code ZIP pw:eip

References (4)

[Various Sources] https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/slims.web.id/SLIMS-9.0.0/SQLi

[Various Sources] https://slims.web.id/web/

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/51161

[Third Party Advisory] https://www.vulncheck.com/advisories/senayan-library-management-system-sql-injection

Scores

CVSS v3 8.2

EPSS 0.0005

EPSS Percentile 16.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Details

CWE

CWE-89

Status published

Products (1)

SLIMS/Senayan Library Management System 9.0.0

Published Jan 13, 2026

Tracked Since Feb 18, 2026