CNNVD-202512-3253 Information

CNNVD ID

CNNVD-202512-3253

Related CVE

CVE-2025-65233

• CNNVD Published: 2025-12-17

Description (Chinese)

SLiMS（Senayan Library Management System）是SLiMS开源的一款免费的图书馆管理系统。 SLiMS 9.6.0之前版本存在安全漏洞，该漏洞源于index.php/sysconfig.inc.php中对$_SERVER[PHP_SELF]处理不当，可能导致反射型跨站脚本攻击。

Description (English)

SLiMS (Senayan Library Management System) is a free library management system for SLiMS open source. The security loophole in the pre-SLiMS 9.6.0 version stems from the inappropriate handling of $ SERVER [PHP SELF] in the index.php/sysconfig.inc.php, which may result in a cross-script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

SLiMS

Published

2025-12-17

Last Modified

2026-02-24

References

https://github.com/hbtw25/vulnerability-research/tree/main/CVE-2025-65233 https://github.com/slims/slims9_bulian/issues/185 https://access.redhat.com/security/cve/cve-2025-65233

Patch

https://github.com/slims/slims9_bulian/releases