16 matches found
CVE-2021-27340
OpenSIS Community Edition version = 7.6 is affected by a reflected XSS vulnerability in EmailCheck.php via the "opt" parameter...
EUVD-2020-27277
Malware in sbrugna...
EUVD-2021-14100
Malware in sbrugna...
CVE-2020-6123
An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3. The email parameter in the page EmailCheck.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2021-27340
OpenSIS Community Edition version = 7.6 is affected by a reflected XSS vulnerability in EmailCheck.php via the "opt" parameter...
CVE-2021-27340
OpenSIS Community Edition version = 7.6 is affected by a reflected XSS vulnerability in EmailCheck.php via the "opt" parameter...
Cross site scripting
OpenSIS Community Edition version = 7.6 is affected by a reflected XSS vulnerability in EmailCheck.php via the "opt" parameter...
CVE-2021-27340
OpenSIS Community Edition
CVE-2021-27340
OpenSIS Community Edition version = 7.6 is affected by a reflected XSS vulnerability in EmailCheck.php via the "opt" parameter...
openSIS SQL Injection Vulnerability (CNVD-2020-51257)
openSIS is a free, open source student information system/school management software. A SQL injection vulnerability exists in the email parameter in EmailCheck.php in openSIS 7.3. An attacker can exploit this vulnerability by sending an HTTP request to perform a SQL injection attack...
CVE-2020-6123
An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3. The email parameter in the page EmailCheck.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2020-6123
An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3. The email parameter in the page EmailCheck.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...
Sql injection
An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3. The email parameter in the page EmailCheck.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2020-6123
An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3. The email parameter in the page EmailCheck.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2020-6123
OS4Ed openSIS 7.3 is affected by CVE-2020-6123 due to SQL injection in the email parameter of EmailCheck.php and EmailCheckOthers.php. The TALOS advisory provides concrete details: vulnerable code directly interpolates $_REQUEST['email'] into SQL queries without proper sanitization, enabling an a...
OS4Ed openSIS email parameter SQL injection vulnerability
Summary An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions OS4Ed openSIS 7.3...