Slims Project: >> Slims Security Vulnerabilities
Reflected cross-site scripting (XSS) in SLiMS (slims9_bulian) before 9.6.0 via improper handling of $_SERVER['PHP_SELF' ] in index.php/sysconfig.inc.php, which allows remote attackers to execute arbitrary JavaScript in a victim's browser by supplying a crafted URL path.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-12-17
SLIMS v9.5.2 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /customs/loan_by_class.php?reportView.
CVSS Score
6.1
EPSS Score
0.002
Published
2023-02-13
Reflected Cross-Site Scripting (XSS) exists in the Stock Take module in SLiMS 8 Akasia 8.3.1 via an admin/modules/stock_take/index.php?keywords= URI.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-06-22