38 matches found
CVE-2021-27340
OpenSIS Community Edition version = 7.6 is affected by a reflected XSS vulnerability in EmailCheck.php via the "opt" parameter...
CVE-2021-27341
OpenSIS Community Edition version = 7.6 is affected by a local file inclusion vulnerability in DownloadWindow.php via the "filename" parameter...
EUVD-2021-14101
Malware in sbrugna...
EUVD-2021-14100
Malware in sbrugna...
EUVD-2020-19920
Malware in sbrugna...
EUVD-2022-48804
Malicious code in bioql PyPI...
EUVD-2021-27493
Malicious code in bioql PyPI...
CVE-2024-35584
SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to...
CVE-2021-40310
OpenSIS Community Edition version 8.0 is affected by a cross-site scripting XSS vulnerability in the TakeAttendance.php via the cpidmissattn parameter...
CVE-2020-27408
OpenSIS Community Edition through 7.6 is affected by incorrect access controls for the file ResetUserInfo.php that allow an unauthenticated attacker to change the password of arbitrary users...
CVE-2020-6637
openSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of index.php...
CVE-2020-27409
OpenSIS Community Edition before 7.5 is affected by a cross-site scripting XSS vulnerability in SideForStudent.php via the modname parameter...
CVE-2024-35584
SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to...
CVE-2024-35584
SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to...
CVE-2024-35584
SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to...
PT-2024-26561 · Unknown · Opensis Community Edition
Name of the Vulnerable Software and Affected Versions: OpenSis Community Edition versions 8.0 through 9.1 Description: The issue is related to SQL injection due to a lack of sanitization. An authenticated user can perform SQL injection because the application directly appends an arbitrary value...
CVE-2024-35584
SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to...
Sql injection
Open Solutions for Education, Inc openSIS Community Edition v8.0 and earlier is vulnerable to SQL Injection via CalendarModal.php...
CVE-2022-45962
Open Solutions for Education, Inc openSIS Community Edition v8.0 and earlier is vulnerable to SQL Injection via CalendarModal.php...
CVE-2021-40617
An SQL Injection vulnerability exists in openSIS Community Edition version 8.0 via ForgotPassUserName.php...