openSIS SQL Injection Vulnerability (CNVD-2020-50532)

openSIS is a free, open source student information system/school management software. A SQL injection vulnerability exists in the ln parameter in CheckDuplicateStudent.php in openSIS 7.3. An attacker can exploit this vulnerability by sending an HTTP request to perform a SQL injection attack...

CVE-2020-6121

SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The ln parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2020-6121

SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The ln parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2009-1625

The vulnerability CVE-2009-1625 affects Thickbox Gallery 2: a directory traversal in index.php allows remote attackers to include and execute arbitrary local files via .. in the ln parameter. Reported impact per CVSS: partial confidentiality, integrity, and availability with network attack vector...

CVE-2009-1625

Directory traversal vulnerability in index.php in Thickbox Gallery 2 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the ln parameter...