Lucene search
K

715 matches found

Cvelist
Cvelist
added 2020/07/01 2:11 p.m.35 views

CVE-2020-13380

openSIS before 7.4 allows SQL Injection...

9.7AI score0.02365EPSS
Exploits3References2
CVE
CVE
added 2020/07/01 2:11 p.m.40 views

CVE-2020-13380

OpenSIS 7.4 and earlier are affected by a SQL Injection vulnerability. The issue arises from insufficient validation of externally supplied SQL statements in database-backed components, enabling potentially unauthorized data access and manipulation. Affected parts include multiple endpoints (e.g....

9.8CVSS9.7AI score0.02365EPSS
Exploits3References2Affected Software1
Dsquare
Dsquare
added 2020/07/01 12:0 a.m.186 views

OpenSIS 7.4 SQL Injection

SQL Injection vulnerability in OpenSIS eventid parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

7.5CVSS0.6AI score0.02365EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2020/07/01 12:0 a.m.2 views

PT-2020-13508 · Os4Ed · Opensis

Name of the Vulnerable Software and Affected Versions: openSIS versions prior to 7.5 Description: The issue allows Directory Traversal. Recommendations: For openSIS versions prior to 7.5, update to version 7.5 or later to resolve the issue...

7.5CVSS7.5AI score0.69605EPSS
Exploits6References7
Positive Technologies
Positive Technologies
added 2020/07/01 12:0 a.m.1 views

PT-2020-13506 · Os4Ed · Opensis

Name of the Vulnerable Software and Affected Versions: openSIS versions prior to 7.5 Description: The issue allows SQL Injection. Recommendations: For openSIS versions prior to 7.5, update to version 7.5 or later to resolve the issue...

9.8CVSS9.7AI score0.59028EPSS
Exploits6References7
Metasploit
Metasploit
added 2020/06/30 1:35 p.m.105 views

openSIS Unauthenticated PHP Code Execution

This module exploits multiple vulnerabilities in openSIS 7.4 and prior versions which could be abused by unauthenticated attackers to execute arbitrary PHP code with the permissions of the webserver. The exploit chain abuses an incorrect access control issue which allows access to scripts which...

9.8CVSS9.1AI score0.69605EPSS
Exploits12
0day.today
0day.today
added 2020/06/30 12:0 a.m.204 views

openSIS 7.4 Multiple SQL Injection Vulnerabilties

Exploit for php platform in category web applications ----------------------------------------------------- openSIS = 7.4 Multiple SQL Injection Vulnerabilities ----------------------------------------------------- - Software Link: https://opensis.com/ - Affected Versions: Version 7.4 and prior...

7.5CVSS0.2AI score0.59028EPSS
Exploits7
0day.today
0day.today
added 2020/06/30 12:0 a.m.181 views

openSIS 7.4 Local File Inclusion Vulnerability

Exploit for php platform in category web applications -------------------------------------------------------------- openSIS = 7.4 Bottom.php Local File Inclusion Vulnerability -------------------------------------------------------------- - Software Link: https://opensis.com/ - Affected Versions...

5CVSS7.8AI score0.69605EPSS
Exploits6
Packet Storm
Packet Storm
added 2020/06/30 12:0 a.m.236 views

openSIS 7.4 SQL Injection

----------------------------------------------------- openSIS = 7.4 Multiple SQL Injection Vulnerabilities ----------------------------------------------------- - Software Link: https://opensis.com/ - Affected Versions: Version 7.4 and prior versions. - Vulnerabilities Description: The applicatio...

0.59028EPSS
Exploits7
Packet Storm
Packet Storm
added 2020/06/30 12:0 a.m.211 views

openSIS 7.4 Incorrect Access Control

------------------------------------------------------- openSIS = 7.4 Incorrect Access Control Vulnerabilities ------------------------------------------------------- - Software Link: https://opensis.com/ - Affected Versions: Version 7.4 and prior versions. - Vulnerabilities Description: The...

0.4AI score0.52814EPSS
Exploits6
0day.today
0day.today
added 2020/06/30 12:0 a.m.205 views

openSIS 7.4 Incorrect Access Control Vulnerability

Exploit for php platform in category web applications ------------------------------------------------------- openSIS = 7.4 Incorrect Access Control Vulnerabilities ------------------------------------------------------- - Software Link: https://opensis.com/ - Affected Versions: Version 7.4 and...

6.4CVSS0.4AI score0.52814EPSS
Exploits6
Packet Storm
Packet Storm
added 2020/06/30 12:0 a.m.219 views

openSIS 7.4 Local File Inclusion

-------------------------------------------------------------- openSIS = 7.4 Bottom.php Local File Inclusion Vulnerability -------------------------------------------------------------- - Software Link: https://opensis.com/ - Affected Versions: Version 7.4 and prior versions. - Vulnerability...

7.8AI score0.69605EPSS
Exploits6
NVD
NVD
added 2014/10/20 6:55 p.m.12 views

CVE-2014-8366

SQL injection vulnerability in openSIS 4.5 through 5.3 allows remote attackers to execute arbitrary SQL commands via the Username and password to index.php...

7.5CVSS8.5AI score0.02072EPSS
Exploits1References3
Prion
Prion
added 2014/10/20 6:55 p.m.14 views

Sql injection

SQL injection vulnerability in openSIS 4.5 through 5.3 allows remote attackers to execute arbitrary SQL commands via the Username and password to index.php...

7.5CVSS9.2AI score0.02072EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2014/10/20 6:55 p.m.4 views

CVE-2014-8366

SQL injection vulnerability in openSIS 4.5 through 5.3 allows remote attackers to execute arbitrary SQL commands via the Username and password to index.php...

7.5CVSS6.4AI score0.02072EPSS
Exploits1References4
Cvelist
Cvelist
added 2014/10/20 6:0 p.m.26 views

CVE-2014-8366

SQL injection vulnerability in openSIS 4.5 through 5.3 allows remote attackers to execute arbitrary SQL commands via the Username and password to index.php...

8.5AI score0.02072EPSS
Exploits1References3
CVE
CVE
added 2014/10/20 6:0 p.m.57 views

CVE-2014-8366

CVE-2014-8366 affects openSIS 4.5–5.3, where an SQL injection flaw in index.php allows remote attackers to execute arbitrary SQL via the Username and password fields. Root cause is improper handling of user-supplied input in the login mechanism, enabling manipulation of the underlying database. R...

7.5CVSS8.8AI score0.02072EPSS
Exploits1References3Affected Software1
Check Point Advisories
Check Point Advisories
added 2014/10/05 12:0 a.m.45 views

OpenSIS ajax.php modname Code Execution (CVE-2013-1349)

A remote code execution vulnerability has been reported in OpenSIS. The vulnerability is due to insufficient validation of modname parameter while parsing requests to ajax.php module. A remote attacker can exploit this vulnerability by sending a specially crafted request to the vulnerable server...

7.5CVSS6.4AI score0.23322EPSS
Exploits6
OpenVAS
OpenVAS
added 2014/07/04 12:0 a.m.24 views

openSIS 4.5/5.3 'index.php' SQLi Vulnerability - Active Check

openSIS is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.02072EPSS
Exploits1References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

OpenSIS 'modname' - PHP Code Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def...

7.1AI score
Exploits0
Rows per page
Query Builder