Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

os4ed opensis vulnerabilities and exploits

(subscribe to this query)
7.5
CVSSv2
CVE-2013-1349
Eval injection vulnerability in ajax.php in openSIS 4.5 up to and including 5.2 allows remote malicious users to execute arbitrary PHP code via the modname parameter.
Os4ed Opensis 4.6Os4ed Opensis 4.5Os4ed Opensis 4.8.1Os4ed Opensis 4.7Os4ed Opensis 5.2Os4ed Opensis 5.1Os4ed Opensis 5.0Os4ed Opensis 4.9Os4ed Opensis 4.8
7.5
CVSSv2
CVE-2014-8366
SQL injection vulnerability in openSIS 4.5 up to and including 5.3 allows remote malicious users to execute arbitrary SQL commands via the Username and password to index.php.
Os4ed Opensis 4.5Os4ed Opensis 5.3
5
CVSSv2
CVE-2020-27408
OpenSIS Community Edition up to and including 7.6 is affected by incorrect access controls for the file ResetUserInfo.php that allow an unauthenticated malicious user to change the password of arbitrary users.
Os4ed Opensis
7.5
CVSSv2
CVE-2020-13380
openSIS prior to 7.4 allows SQL Injection.
Os4ed Opensis
5
CVSSv2
CVE-2020-13383
openSIS up to and including 7.4 allows Directory Traversal.
Os4ed Opensis
4.3
CVSSv2
CVE-2020-27409
OpenSIS Community Edition prior to 7.5 is affected by a cross-site scripting (XSS) vulnerability in SideForStudent.php via the modname parameter.
Os4ed Opensis
7.5
CVSSv2
CVE-2021-27341
OpenSIS Community Edition version <= 7.6 is affected by a local file inclusion vulnerability in DownloadWindow.php via the "filename" parameter.
Os4ed Opensis
6.4
CVSSv2
CVE-2020-13382
openSIS up to and including 7.4 has Incorrect Access Control.
Os4ed Opensis
7.5
CVSSv2
CVE-2020-13381
openSIS up to and including 7.4 allows SQL Injection.
Os4ed Opensis
NA
CVE-2022-45962
Open Solutions for Education, Inc openSIS Community Edition v8.0 and previous versions is vulnerable to SQL Injection via CalendarModal.php.
Os4ed Opensis
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook