CVE-2020-6136

2020-09-01T18:15:00
ID CVE-2020-6136
Type cve
Reporter cve@mitre.org
Modified 2020-09-03T19:14:00

Description

An exploitable SQL injection vulnerability exists in the DownloadWindow.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.