EUVD-2020-27287

Malware in sbrugna...

CVE-2020-6133

SQL injection vulnerabilities exist in the ID parameters of OS4Ed openSIS 7.3 pages. The id parameter in the page CourseMoreInfo.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

openSIS SQL Injection Vulnerability (CNVD-2020-50948)

openSIS is a free, open source student information system/school management software. An SQL injection vulnerability exists in the id parameter in CourseMoreInfo.php in OS4Ed openSIS 7.3, which can be exploited by an attacker sending an HTTP request to conduct an SQL injection attack...

Sql injection

SQL injection vulnerabilities exist in the ID parameters of OS4Ed openSIS 7.3 pages. The id parameter in the page CourseMoreInfo.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

OS4Ed openSIS id parameter multiple SQL injection vulnerabilities

Summary Multiple exploitable SQL injection vulnerabilities exist in the ID parameters of OS4Ed openSIS 7.3 pages. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. Tested Versions OS4Ed openSIS 7.3...