CVE-2023-45996

Name of the Vulnerable Software and Affected Versions Senayan Library Management Systems Slims version 9 Senayan Library Management Systems Bulian version 9.6.1

Description The issue allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted script to the reborrowLimit parameter in the "member type.php" endpoint.

Recommendations For Senayan Library Management Systems Slims version 9, update to a version that fixes the SQL injection vulnerability. For Senayan Library Management Systems Bulian version 9.6.1, update to a version that fixes the SQL injection vulnerability. As a temporary workaround, consider restricting access to the member type.php endpoint to minimize the risk of exploitation.