3 matches found
CVE-2021-41679
creationtimestamp| type| source ---|---|--- 2021-11-30 16:34:40+00:00| seen| https://t.me/cibsecurity/33088...
CVE-2021-41679
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the /opensis/modules/grades/InputFinalGrades.php, period parameter...
CVE-2021-41679
Open Solutions for Education openSIS 8.0 is affected by a SQL injection in InputFinalGrades.php (period parameter) when using MySQL/MariaDB. The root cause is lack of input validation in that endpoint, enabling attackers to craft SQL commands via the application database. According to the sources...