Lucene search
K

715 matches found

NVD
NVD
added 2020/09/01 2:15 p.m.17 views

CVE-2020-6120

SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The fn parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

8.8CVSS7.4AI score0.01403EPSS
Exploits1References1
OSV
OSV
added 2020/09/01 2:15 p.m.15 views

CVE-2020-6117

SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The bday parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

8.8CVSS8AI score
Exploits0References1
OSV
OSV
added 2020/09/01 2:15 p.m.11 views

CVE-2020-6121

SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The ln parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

8.8CVSS8AI score
Exploits0References1
Prion
Prion
added 2020/09/01 2:15 p.m.15 views

Sql injection

An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3. The email parameter in the page EmailCheck.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

6.5CVSS8.9AI score0.01403EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/01 2:15 p.m.9 views

Sql injection

SQL injection vulnerabilities exist in the courseperiodid parameters used in OS4Ed openSIS 7.3 pages. The courseperiodid parameter in the page MassDropSessionSet.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities...

6.5CVSS9.2AI score0.01403EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/01 2:15 p.m.12 views

Sql injection

SQL injection vulnerabilities exist in the courseperiodid parameters used in OS4Ed openSIS 7.3 pages. The courseperiodid parameter in the page MassScheduleSessionSet.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities...

6.5CVSS9.2AI score0.01403EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/01 2:15 p.m.15 views

Sql injection

SQL injection vulnerabilities exist in the courseperiodid parameters used in OS4Ed openSIS 7.3 pages. The courseperiodid parameter in the page CpSessionSet.php is vulnerable to SQL injection.An attacker can make an authenticated HTTP request to trigger these vulnerabilities...

6.5CVSS9AI score0.01403EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/01 2:15 p.m.13 views

Sql injection

SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The byear parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

6.5CVSS9.1AI score0.01403EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/01 2:15 p.m.14 views

Sql injection

SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The bmonth parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

6.5CVSS9.1AI score0.01403EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/01 2:15 p.m.9 views

Sql injection

SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The mn parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

6.5CVSS8.9AI score0.01403EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/01 2:15 p.m.12 views

Sql injection

SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The bday parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

6.5CVSS9.1AI score0.01403EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/01 2:15 p.m.15 views

Sql injection

SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The fn parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

6.5CVSS8.9AI score0.01403EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/09/01 2:14 p.m.60 views

CVE-2020-6127

CVE-2020-6127 affects OS4Ed openSIS 7.3. The vulnerability is in CoursePeriodModal.php where multiple SQL injections exist via parameters id, course_period_id, and meet_date, exploitable by an authenticated HTTP request. Talos documents multiple SQL injection vectors in CoursePeriodModal.php (e.g...

8.8CVSS8.9AI score0.01403EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/09/01 2:14 p.m.45 views

CVE-2020-6127

SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. The id parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

6.4CVSS9AI score0.01403EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/09/01 2:14 p.m.41 views

CVE-2020-6126

SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. The courseperiodid parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities...

6.4CVSS9AI score0.01403EPSS
Exploits1References1
CVE
CVE
added 2020/09/01 2:14 p.m.50 views

CVE-2020-6126

OS4Ed openSIS 7.3 is affected by CVE-2020-6126 due to SQL injection in CoursePeriodModal.php. The vulnerable parameters are course_period_id, id, and meet_date, where unsanitized input is used in SQL queries, enabling authenticated attackers to trigger injections via crafted HTTP requests. Talos ...

8.8CVSS8.9AI score0.01403EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/09/01 2:7 p.m.48 views

CVE-2020-6125

OS4Ed openSIS 7.3 is affected by a SQL injection in GetSchool.php via the u parameter. The vulnerability allows an authenticated HTTP request to trigger SQL injection, potentially leaking or altering data. TALOS documents the vulnerable code path (GET /opensis/GetSchool.php?title=1&course_period_...

8.8CVSS8.9AI score0.01803EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/09/01 2:7 p.m.22 views

CVE-2020-6125

An exploitable SQL injection vulnerability exists in the GetSchool.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

6.4CVSS9AI score0.01803EPSS
Exploits1References1
CVE
CVE
added 2020/09/01 2:3 p.m.52 views

CVE-2020-6124

CVE-2020-6124 describes an exploitable SQL injection in OS4Ed openSIS 7.3, affecting the email parameter handling in two scripts: EmailCheckOthers.php and EmailCheck.php . The vulnerability allows an attacker to trigger SQL Injection via authenticated HTTP requests that supply crafted email value...

8.8CVSS8.9AI score0.01403EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/09/01 2:3 p.m.35 views

CVE-2020-6124

An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3. The email parameter in the page EmailCheckOthers.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

6.4CVSS9AI score0.01403EPSS
Exploits1References1
Rows per page
Query Builder