Lucene search
K

38 matches found

RedhatCVE
RedhatCVE
added 2026/03/27 2:25 p.m.6 views

CVE-2021-27340

OpenSIS Community Edition version = 7.6 is affected by a reflected XSS vulnerability in EmailCheck.php via the "opt" parameter...

6.1CVSS6AI score0.01064EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:29 a.m.10 views

CVE-2021-27341

OpenSIS Community Edition version = 7.6 is affected by a local file inclusion vulnerability in DownloadWindow.php via the "filename" parameter...

9.8CVSS6.7AI score0.01985EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-14101

Malware in sbrugna...

9.8CVSS9.4AI score0.01985EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-14100

Malware in sbrugna...

6.1CVSS6.3AI score0.01064EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-19920

Malware in sbrugna...

6.1CVSS6.3AI score0.0098EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-48804

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00901EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2021-27493

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00812EPSS
Exploits4References3
RedhatCVE
RedhatCVE
added 2025/05/23 7:12 a.m.17 views

CVE-2024-35584

SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to...

8.8CVSS9.3AI score0.05695EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:44 p.m.7 views

CVE-2021-40310

OpenSIS Community Edition version 8.0 is affected by a cross-site scripting XSS vulnerability in the TakeAttendance.php via the cpidmissattn parameter...

5.4CVSS5.7AI score0.00812EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2025/05/22 5:33 p.m.8 views

CVE-2020-27408

OpenSIS Community Edition through 7.6 is affected by incorrect access controls for the file ResetUserInfo.php that allow an unauthenticated attacker to change the password of arbitrary users...

7.5CVSS7.4AI score0.01654EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:41 p.m.9 views

CVE-2020-6637

openSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of index.php...

9.8CVSS7.7AI score0.20058EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:25 p.m.10 views

CVE-2020-27409

OpenSIS Community Edition before 7.5 is affected by a cross-site scripting XSS vulnerability in SideForStudent.php via the modname parameter...

6.1CVSS5.8AI score0.0098EPSS
Exploits0
OSV
OSV
added 2024/10/15 7:15 p.m.13 views

CVE-2024-35584

SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to...

8.8CVSS7.8AI score0.05695EPSS
Exploits2References3
NVD
NVD
added 2024/10/15 7:15 p.m.35 views

CVE-2024-35584

SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to...

8.8CVSS0.05695EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/10/15 12:0 a.m.100 views

CVE-2024-35584

SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to...

0.05695EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2024/10/15 12:0 a.m.10 views

PT-2024-26561 · Unknown · Opensis Community Edition

Name of the Vulnerable Software and Affected Versions: OpenSis Community Edition versions 8.0 through 9.1 Description: The issue is related to SQL injection due to a lack of sanitization. An authenticated user can perform SQL injection because the application directly appends an arbitrary value...

8.8CVSS7.2AI score0.05695EPSS
Exploits2References8
Vulnrichment
Vulnrichment
added 2024/10/15 12:0 a.m.11 views

CVE-2024-35584

SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to...

8.7AI score0.05695EPSS
Exploits2References3
Prion
Prion
added 2023/02/13 9:15 p.m.21 views

Sql injection

Open Solutions for Education, Inc openSIS Community Edition v8.0 and earlier is vulnerable to SQL Injection via CalendarModal.php...

4CVSS7AI score0.00901EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/13 12:0 a.m.8 views

CVE-2022-45962

Open Solutions for Education, Inc openSIS Community Edition v8.0 and earlier is vulnerable to SQL Injection via CalendarModal.php...

7.2AI score0.00901EPSS
Exploits1References5
NVD
NVD
added 2021/10/11 7:15 p.m.35 views

CVE-2021-40617

An SQL Injection vulnerability exists in openSIS Community Edition version 8.0 via ForgotPassUserName.php...

9.8CVSS0.0521EPSS
Exploits3References2
Rows per page
Query Builder