CVE-2025-26200 | SLiMS 9.6.1 visitor_report_day.php month sql injection

Posted by Angelo Barbosa | Feb 24, 2025 | CVE

A vulnerability was found in SLiMS 9.6.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file visitor_report_day.php. The manipulation of the argument month leads to sql injection.

This vulnerability is handled as CVE-2025-26200. The attack may be launched remotely. There is no exploit available.

CVE-2025-26200 | SLiMS 9.6.1 visitor_report_day.php month sql injection

Related Posts

CVE-2024-5128 | lunary-ai lunary up to 1.2.24 Object Reference dataset_prompt access control

CVE-2024-4750 | WP-FeedStats buddyboss-platform Plugin up to 2.5.x on WordPress Private Post authorization

CVE-2024-6944 | ZhongBangKeJi CRMEB up to 5.4.0 PublicController.php get_image_base64 file deserialization

CVE-2021-47108 | Linux Kernel up to 5.15.11 mediatek mtk_hdmi_bridge_mode_valid null pointer dereference (71d07ebc5000/3b8e19a0aa39)