5 matches found
EUVD-2025-199724
OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 was discovered to contain a SQL injection vulnerability via the ID parameter in the getSubUsersByProvider function...
OpenCode USSD Gateway 安全漏洞
OpenCode USSD Gateway is an OpenCode open source gateway software for processing and managing USSD messages. A security vulnerability exists in OpenCode USSD Gateway that originates from an SQL injection in the Session ID parameter in /occontrolpanel/index.php...
CVE-2025-65237
OpenCode Systems USSD Gateway OC Release 5 is affected by a reflected XSS vulnerability that lets an attacker inject arbitrary JavaScript into a user’s browser by sending a crafted payload. The issue is documented across multiple sources (e.g., Red Hat CVE entry and NVD) with a CVSSv3.1 base scor...
CVE-2025-65238
Incorrect access control in the getSubUsersByProvider function of OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 allows attackers with low-level privileges to dump user records and access sensitive information...
CVE-2025-65237
A reflected cross-site scripted XSS vulnerability in OpenCode Systems USSD Gateway OC Release: 5 allows attackers to execute arbitrary JavaScript in the context of a user's browser via injecting a crafted payload...