2 matches found
OpenSIS SQL Injection (CVE-2021-40618; CVE-2021-40543)
An SQL injection vulnerability exists in OpenSIS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2021-40543
OpenSIS OpenSIS Classic 8.0 is affected by a SQL injection in PasswordCheck.php due to lack of sanitization of input data for $_GET['usrid'] and $_GET['prof_id']. The vulnerability allows an attacker to inject SQL and, as described in CNVD/CNNVD variants, could enable retrieval of database inform...