Lucene search
K

5 matches found

NVD
NVD
added 2020/09/01 2:15 p.m.16 views

CVE-2020-6129

SQL injection vulnerabilities exist in the courseperiodid parameters used in OS4Ed openSIS 7.3 pages. The courseperiodid parameter in the page CpSessionSet.php is vulnerable to SQL injection.An attacker can make an authenticated HTTP request to trigger these vulnerabilities...

8.8CVSS7.6AI score0.01403EPSS
Exploits1References1
OSV
OSV
added 2020/09/01 2:15 p.m.15 views

CVE-2020-6129

SQL injection vulnerabilities exist in the courseperiodid parameters used in OS4Ed openSIS 7.3 pages. The courseperiodid parameter in the page CpSessionSet.php is vulnerable to SQL injection.An attacker can make an authenticated HTTP request to trigger these vulnerabilities...

8.8CVSS7.8AI score
Exploits0References1
Cvelist
Cvelist
added 2020/09/01 1:6 p.m.35 views

CVE-2020-6129

SQL injection vulnerabilities exist in the courseperiodid parameters used in OS4Ed openSIS 7.3 pages. The courseperiodid parameter in the page CpSessionSet.php is vulnerable to SQL injection.An attacker can make an authenticated HTTP request to trigger these vulnerabilities...

6.4CVSS9.2AI score0.01403EPSS
Exploits1References1
CVE
CVE
added 2020/09/01 1:6 p.m.45 views

CVE-2020-6129

CVE-2020-6129 affects OS4Ed openSIS 7.3. Multiple SQL injection vulnerabilities exist in the course_period_id parameter across CpSessionSet.php and related MassSchedule/MassDrops/MassScheduleSessionSet.php endpoints. An authenticated HTTP request can trigger the vulnerability, with the attacker e...

8.8CVSS9AI score0.01403EPSS
Exploits1References1Affected Software1
Talos
Talos
added 2020/08/31 12:0 a.m.101 views

OS4Ed openSIS course_period_id parameter multiple SQL injection vulnerabilities

Summary Multiple exploitable SQL injection vulnerabilities exist in the courseperiodid parameters used in OS4Ed openSIS 7.3 pages. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. Tested Versions OS4Ed...

8.8CVSS8.1AI score0.01403EPSS
Exploits3
Rows per page
Query Builder