45 matches found
EUVD-2021-25739
Malware in sbrugna...
EUVD-2021-27492
Malicious code in bioql PyPI...
EUVD-2021-27811
Malicious code in bioql PyPI...
EUVD-2021-27809
Malicious code in bioql PyPI...
CVE-2021-39378
A SQL Injection vulnerability exists in openSIS 8.0 when MySQL MariaDB is being used as the application database. A malicious attacker can issue SQL commands to the MySQL MariaDB database through the NamesList.php str parameter...
CVE-2021-39379
A SQL Injection vulnerability exists in openSIS 8.0 when MySQL MariaDB is being used as the application database. A malicious attacker can issue SQL commands to the MySQL MariaDB database through the ResetUserInfo.php passwordstnid parameter...
CVE-2021-40637
OS4ED openSIS 8.0 is affected by cross-site scripting XSS in EmailCheckOthers.php. An attacker can inject JavaScript code to get the user's cookie and take over the working session of user...
CVE-2021-40637
OS4ED openSIS 8.0 is affected by cross-site scripting XSS in EmailCheckOthers.php. An attacker can inject JavaScript code to get the user's cookie and take over the working session of user...
Cross site scripting
OS4ED openSIS 8.0 is affected by cross-site scripting XSS in EmailCheckOthers.php. An attacker can inject JavaScript code to get the user's cookie and take over the working session of user...
CVE-2021-40636
OS4ED openSIS 8.0 is affected by SQL Injection in CheckDuplicateName.php, which can extract information from the database...
CVE-2021-40635
OS4ED openSIS 8.0 is affected by SQL injection in ChooseCpSearch.php, ChooseRequestSearch.php. An attacker can inject a SQL query to extract information from the database...
CVE-2021-40636
OS4ED openSIS 8.0 is affected by SQL Injection in CheckDuplicateName.php, which can extract information from the database...
CVE-2021-40635
OS4ED openSIS 8.0 is affected by SQL injection in ChooseCpSearch.php, ChooseRequestSearch.php. An attacker can inject a SQL query to extract information from the database...
Sql injection
OS4ED openSIS 8.0 is affected by SQL Injection in CheckDuplicateName.php, which can extract information from the database...
Sql injection
OS4ED openSIS 8.0 is affected by SQL injection in ChooseCpSearch.php, ChooseRequestSearch.php. An attacker can inject a SQL query to extract information from the database...
CVE-2021-40637
OS4ED openSIS 8.0 is affected by cross-site scripting XSS in EmailCheckOthers.php. An attacker can inject JavaScript code to get the user's cookie and take over the working session of user...
CVE-2021-40636
CVE-2021-40636 affects OS4ED OpenSIS 8.0 and involves a SQL injection in CheckDuplicateName.php that can extract information from the database. The connected sources confirm the vulnerability is due to SQL injection in that file and document the impact as information disclosure from the database....
CVE-2021-40636
OS4ED openSIS 8.0 is affected by SQL Injection in CheckDuplicateName.php, which can extract information from the database...
CVE-2021-40635
OS4ED openSIS 8.0 is affected by SQL injection in ChooseCpSearch.php, ChooseRequestSearch.php. An attacker can inject a SQL query to extract information from the database...
openSIS Student Information System 8.0 SQL Injection
Exploit Title: openSIS Student Information System 8.0 - 'multiple' SQL Injection Date: 26/12/2021 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://opensis.com Software Link: https://opensis.com Version: 8.0 Community Edition Tested on:...