CVE-2021-41691

A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "studentid" and "TRANSFERSCHOOL" parameters in POST request sent to /TransferredOutModal.php...

VulnCheck KEV: CVE-2021-41691

A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "studentid" and "TRANSFERSCHOOL" parameters in POST request sent to /TransferredOutModal.php...

CVE-2021-41691

A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "studentid" and "TRANSFERSCHOOL" parameters in POST request sent to /TransferredOutModal.php...

CVE-2021-41691

A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "studentid" and "TRANSFERSCHOOL" parameters in POST request sent to /TransferredOutModal.php...

PT-2025-26748 · Unknown · Os4Ed Open Source Information System Community

Name of the Vulnerable Software and Affected Versions: OS4Ed Open Source Information System Community version 8.0 Description: A SQL injection issue exists via the student id and TRANSFERSCHOOL parameters in a POST request sent to "/TransferredOutModal.php" API endpoint. Recommendations: For OS4E...

CVE-2022-41949 Semi-blind Server-Side Request Forgery in dhis2-core

DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. In affected versions an authenticated DHIS2 user can craft a request to DHIS2 to instruct the server to make requests to external resources like third party servers. This could allow...

Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

Summary The Cybersecurity and Infrastructure Security Agency CISA has consistently observed Chinese Ministry of State Security MSS-affiliated cyber threat actors using publicly available information sources and common, well-known tactics, techniques, and procedures TTPs to target U.S. Government...