7 matches found
OpenSIS 8.0 - 'cp_id_miss_attn' Reflected Cross-Site Scripting (XSS)
Exploit Title: OpenSIS 8.0 - 'cpidmissattn' Reflected Cross-Site Scripting XSS Date: 9/24/2021 Exploit Author: Eric Salario Vendor Homepage: http://www.os4ed.com/ Software Link: https://opensis.com/download Version: 8.0 Tested on: Windows, Linux CVE : CVE-2021-40310 OpenSIS Community Edition...
CVE-2021-40310
OpenSIS Community Edition version 8.0 is affected by a cross-site scripting XSS vulnerability in the TakeAttendance.php via the cpidmissattn parameter...
Cross site scripting
OpenSIS Community Edition version 8.0 is affected by a cross-site scripting XSS vulnerability in the TakeAttendance.php via the cpidmissattn parameter...
CVE-2021-40310
OpenSIS Community Edition version 8.0 is affected by a cross-site scripting XSS vulnerability in the TakeAttendance.php via the cpidmissattn parameter...
CVE-2021-40310
OpenSIS Community Edition 8.0 is affected by a cross-site scripting (XSS) flaw in TakeAttendance.php via the cp_id_miss_attn parameter. The vulnerability context and PoC links are documented across multiple sources (e.g., PacketStorm and Exploit-DB entries), illustrating a reflected XSS payload u...
OS4Ed OpenSIS SQL注入漏洞
openSIS is a free and open source student information system/school management software. openSIS version 8.0 has a SQL injection vulnerability in the cpidmissattn parameter in TakeAttendance.php. An attacker can exploit this vulnerability to inject SQL queries...
OpenSIS 跨站脚本漏洞
Open Solutions For Education openSIS is an open source student information management system from Open Solutions for Education Open Solutions For Education, a US company. A cross-site scripting vulnerability exists in OpenSIS Community Edition version 8.0, which stems from a lack of validation an...