2 matches found
CVE-2009-4208
SQL injection vulnerability in the osnews module in Open-school OS 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to index.php...
CVE-2009-4208
CVE-2009-4208 is a SQL injection vulnerability in the os_news module of Open-school (OS) 1.0. The issue allows remote attackers to inject arbitrary SQL commands via the id parameter in the show action of index.php. Public references (NVD, Exploit-DB) confirm the vulnerability, with a base score o...