Opensis SQL Injection Vulnerability (CNVD-2021-101539)

openSIS is a free, open source student information system/school management software. A SQL injection vulnerability exists in openSIS version 8.0. The vulnerability stems from a lack of validation of input data for the $GET'usrid' and $GET'profid' parameters in PasswordCheck.php. An attacker can...

CVE-2017-11418

Fiyo CMS 2.0.7 has SQL injection in dapur/apps/apparticle/controller/articlelist.php via $GET'cat', $GET'user', $GET'level', and $GET'iSortCol'.$i...

CVE-2017-11418

Fiyo CMS 2.0.7 has SQL injection in dapur/apps/apparticle/controller/articlelist.php via $GET'cat', $GET'user', $GET'level', and $GET'iSortCol'.$i...