3 matches found
CVE-2020-6136
An exploitable SQL injection vulnerability exists in the DownloadWindow.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2020-6136
An exploitable SQL injection vulnerability exists in the DownloadWindow.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2020-6136
OS4Ed openSIS 7.3 is affected by a SQL injection in DownloadWindow.php via the down_id parameter. The vulnerable code builds a query by directly embedding $_REQUEST['down_id'] (SELECT * FROM user_file_upload WHERE ID=...), enabling authenticated users to inject SQL. Talos’ report provides a teste...