Lucene search
China National Vulnerability DatabaseCNVD-2021-101536HistoryOct 13, 2021 - 12:00 a.m.
openSIS SQL Injection Vulnerability (CNVD-2021-101536)
2021-10-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
opensis
version 8.0
sql injection
vulnerability
database information
EPSS
0.002
Percentile
58.0%
openSIS is a free and open source student information system/school management software. openSIS version 8.0 has ADDR_CONT_USRN, ADDR_CONT_PSWD, SECN_CONT_USRN, SECN_CONT_PSWD parameters in the HoldAddressFields.php SQL injection vulnerability. An attacker could use this vulnerability to obtain sensitive database information.
Related
cve
cve
CVE-2021-40618
2021-10-12 18:15:08
nvd
nvd
CVE-2021-40618
2021-10-12 18:15:08
prion
prion
Sql injection
2021-10-12 18:15:00
osv
osv
CVE-2021-40618
2021-10-12 18:15:08
cvelist
cvelist
CVE-2021-40618
2021-10-12 17:39:55
checkpoint_advisories
checkpoint_advisories
OpenSIS SQL Injection (CVE-2021-40618; CVE-2021-40543)
2021-11-17 00:00:00