5 matches found
openSIS SQL Injection Vulnerability (CNVD-2020-50527)
openSIS is a free, open source student information system/school management software. A SQL injection vulnerability exists in the courseperiodid parameter in MassScheduleSessionSet.php in openSIS 7.3. An attacker can exploit this vulnerability by sending an HTTP request to perform a SQL injection...
CVE-2020-6131
SQL injection vulnerabilities exist in the courseperiodid parameters used in OS4Ed openSIS 7.3 pages. The courseperiodid parameter in the page MassScheduleSessionSet.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities...
CVE-2020-6131
SQL injection vulnerabilities exist in the courseperiodid parameters used in OS4Ed openSIS 7.3 pages. The courseperiodid parameter in the page MassScheduleSessionSet.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities...
Sql injection
SQL injection vulnerabilities exist in the courseperiodid parameters used in OS4Ed openSIS 7.3 pages. The courseperiodid parameter in the page MassScheduleSessionSet.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities...
CVE-2020-6131
SQL injection vulnerabilities exist in the courseperiodid parameters used in OS4Ed openSIS 7.3 pages. The courseperiodid parameter in the page MassScheduleSessionSet.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities...