4 matches found
CVE-2024-35584
SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to...
CVE-2024-35584
creationtimestamp| type| source ---|---|--- 2024-10-15 21:57:41+00:00| seen| https://t.me/cvedetector/7941...
CVE-2024-35584
SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to...
CVE-2024-35584
The OpenSIS Open Source Community Edition (versions 8.0–9.1, possibly earlier) contains a SQL injection flaw in Ajax.php, ForWindow.php, ForExport.php, Modules.php, and functions/HackingLogFnc.php. The root cause is direct concatenation of the HTTP_X_FORWARDED_FOR header value into SQL INSERT sta...