CNNVD-202510-2587 Information
CNNVD ID
CNNVD-202510-2587
Related CVE
- CNNVD Published: 2025-10-20
Description (Chinese)
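SLiMS 9 Bulian is free, open-source software from the SLiMS community in Indonesia, used for managing and administering library resources (such as books, periodicals, digital documents and other library materials). SLiMS 9 Bulian version 9.6.1 contains a security vulnerability that stems from improper handling of the imageURL parameter in the scrap_image.php component and may lead to arbitrary code execution.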
Description (English)
SLiMS 9 Bulian is free, open source software from the SLiMS community in Indonesia. It is used for library resource management (e.g., books, periodicals, digital files and other library materials) and administration. Version 9.6.1 of SLiMS 9 Bulian has a security vulnerability that stems from improper handling of the imageURL parameter in the scrap_image.php component, which may lead to arbitrary code execution.
Hazard Level
High
Vulnerability Type
Other
Affected Vendor
SLiMS
Published
2025-10-20
Last Modified
2026-02-24
References
https://github.com/slims/slims9_bulian/issues/299
https://access.redhat.com/security/cve/cve-2025-61488
Patch
https://slims.web.id/web/news/rilis-9.7.2/