2 matches found
CVE-2025-22925
OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the table parameter at /attendance/AttendanceCodes.php. The remote, authenticated attacker requires the admin role to successfully exploit this vulnerability...
CVE-2025-22925
OS4ED openSIS (v7.0–v9.1) is affected by a SQL injection vulnerability in the /attendance/AttendanceCodes.php endpoint via the table parameter. The flaw requires an authenticated admin to exploit. Impact is high (availability impact stated) with no information on exploitation probability beyond t...