Senayan Library Management System 9.0.0 - SQL Injection | Advisories

Advisories

Senayan Library Management System 9.0.0 - SQL Injection

severity: high
date: January 13, 2026
Affecting: Senayan Library Management System 9.0.0
CVE: CVE-2022-50805
CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSS: 8.8
CVSS V4 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
References: ExploitDB-51161
Senayan Library Management System Official Website
Vulnerability Research Repository
Credit: nu11secur1ty
Description: Senayan Library Management System 9.0.0 contains a SQL injection vulnerability in the 'class' parameter that allows attackers to inject malicious SQL queries. Attackers can exploit the vulnerability by submitting crafted payloads to manipulate database queries and potentially extract sensitive information.