22 matches found
EUVD-2020-27282
Malware in sbrugna...
EUVD-2020-27280
Malware in sbrugna...
EUVD-2020-27281
Malware in sbrugna...
CVE-2020-6126
SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. The courseperiodid parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities...
CVE-2020-6128
SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. The meetdate parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to...
CVE-2020-6127
SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. The id parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...
openSIS SQL Injection Vulnerability (CNVD-2020-51260)
openSIS is a free, open source student information system/school management software. A SQL injection vulnerability exists in the courseperiodid parameter in CoursePeriodModal.php in openSIS 7.3. An attacker can exploit this vulnerability by sending an HTTP request to perform a SQL injection atta...
CVE-2020-6127
SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. The id parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2020-6126
SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. The courseperiodid parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities...
CVE-2020-6127
SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. The id parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2020-6128
SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. The meetdate parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to...
CVE-2020-6128
SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. The meetdate parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to...
Sql injection
SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. The courseperiodid parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities...
Sql injection
SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. The id parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...
Sql injection
SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. The meetdate parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to...
CVE-2020-6128
OS4Ed openSIS 7.3 is affected by SQL injection in CoursePeriodModal.php, specifically via meet_date, and also via course_period_id and id parameters as detailed by Talos. The vulnerability enables an authenticated attacker to trigger SQL injection through crafted HTTP requests to CoursePeriodModa...
CVE-2020-6128
SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. The meetdate parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to...
CVE-2020-6127
SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. The id parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2020-6127
CVE-2020-6127 affects OS4Ed openSIS 7.3. The vulnerability is in CoursePeriodModal.php where multiple SQL injections exist via parameters id, course_period_id, and meet_date, exploitable by an authenticated HTTP request. Talos documents multiple SQL injection vectors in CoursePeriodModal.php (e.g...
CVE-2020-6126
OS4Ed openSIS 7.3 is affected by CVE-2020-6126 due to SQL injection in CoursePeriodModal.php. The vulnerable parameters are course_period_id, id, and meet_date, where unsanitized input is used in SQL queries, enabling authenticated attackers to trigger injections via crafted HTTP requests. Talos ...