openSIS is a free and open source student information system/school management software. openSIS version 8.0 has a SQL injection vulnerability in the cp_id_miss_attn parameter in TakeAttendance.php. An attacker can exploit this vulnerability to inject SQL queries.