CVE-2021-39378
CVE-2021-39378 affects openSIS 8.0 when using MySQL/MariaDB. A SQL Injection vulnerability allows an attacker to issue SQL commands to the database through the NamesList.php str parameter, with CVSS v3.1 base score 9.8 (CRITICAL) and impact on confidentiality, integrity, and availability reported...