4 matches found
CVE-2020-6121
SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The ln parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2020-6121
SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The ln parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2020-6121
OS4Ed openSIS 7.3 is affected by multiple SQL injection vulnerabilities in CheckDuplicateStudent.php. The vulnerabilities concern parameters fn, mn, ln, byear, bmonth, and bday, which can be injected to alter SQL queries used to locate existing students. Talos documents exploit paths involving co...
OS4Ed openSIS CheckDuplicateStudent.php page SQL injection vulnerability
Talos Vulnerability Report TALOS-2020-1072 OS4Ed openSIS CheckDuplicateStudent.php page SQL injection vulnerability August 31, 2020 CVE Number CVE-2020-6117,CVE-2020-6119,CVE-2020-6121,CVE-2020-6118,CVE-2020-6120,CVE-2020-6122 SUMMARY Multiple exploitable SQL injection vulnerabilities exist in th...