Lucene search
K

4 matches found

Exploit DB
Exploit DB
added 2025/04/11 12:0 a.m.247 views

RosarioSIS 7.6 - SQL Injection

Exploit Title: RosarioSIS 7.6 - SQL Injection Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://gitlab.com/francoisjacquet/rosariosis Software Link: https://gitlab.com/francoisjacquet/rosariosis Version: 7.6 Tested on: Ubuntu Windows CVE : CVE-2021-44567 PoC: POST...

9.8CVSS9.7AI score0.23673EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/04/11 12:0 a.m.282 views

📄 RosarioSIS SQL Injection

RosarioSIS versions prior to 7.6.1 suffer from a remote unauthenticated SQL injection vulnerability. Exploit Title: RosarioSIS $votesarray && if ! empty $votesarray && PortalPollsVote $pollid, $votesarray votes'; CREATE TABLE aaat text --=1...

9.8CVSS9.6AI score0.23673EPSS
Exploits3
Circl
Circl
added 2022/02/24 6:21 p.m.7 views

CVE-2021-44567

creationtimestamp| type| source ---|---|--- 2022-02-24 18:21:25+00:00| seen| https://t.me/cibsecurity/38019 2025-04-11 05:35:40+00:00| seen| https://bsky.app/profile/nimblenerd.social/post/3lmjcddkckn2o 2025-04-12 21:02:17+00:00| seen|...

9.8CVSS8.7AI score0.23673EPSS
Exploits3References3
CVE
CVE
added 2022/02/22 8:16 p.m.86 views

CVE-2021-44567

CVE-2021-44567 affects RosarioSIS, prior to 7.6.1. An unauthenticated SQL injection is exposed via the votes parameter in ProgramFunctions/PortalPollsNotes.fnc.php, allowing arbitrary query execution. The vulnerability is demonstrated in public advisories and exploit sources (e.g., Proof-of-Conce...

9.8CVSS9.9AI score0.23673EPSS
Exploits3References4Affected Software1
Rows per page
Query Builder