Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensis vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-1349
Eval injection vulnerability in ajax.php in openSIS 4.5 up to and including 5.2 allows remote malicious users to execute arbitrary PHP code via the modname parameter.
Os4ed Opensis 4.6
Os4ed Opensis 4.5
Os4ed Opensis 4.8.1
Os4ed Opensis 4.7
Os4ed Opensis 5.2
Os4ed Opensis 5.1
Os4ed Opensis 5.0
Os4ed Opensis 4.9
Os4ed Opensis 4.8
1 EDB exploit
NA
CVE-2014-8366
SQL injection vulnerability in openSIS 4.5 up to and including 5.3 allows remote malicious users to execute arbitrary SQL commands via the Username and password to index.php.
Os4ed Opensis 4.5
Os4ed Opensis 5.3
6.1
CVSSv3
CVE-2021-27340
OpenSIS Community Edition version <= 7.6 is affected by a reflected XSS vulnerability in EmailCheck.php via the "opt" parameter.
Os4ed Opensis
6.5
CVSSv3
CVE-2022-45962
Open Solutions for Education, Inc openSIS Community Edition v8.0 and previous versions is vulnerable to SQL Injection via CalendarModal.php.
Os4ed Opensis
7.5
CVSSv3
CVE-2020-27408
OpenSIS Community Edition up to and including 7.6 is affected by incorrect access controls for the file ResetUserInfo.php that allow an unauthenticated malicious user to change the password of arbitrary users.
Os4ed Opensis
9.8
CVSSv3
CVE-2020-13380
openSIS prior to 7.4 allows SQL Injection.
Os4ed Opensis
9.1
CVSSv3
CVE-2020-13382
openSIS up to and including 7.4 has Incorrect Access Control.
Os4ed Opensis
9.8
CVSSv3
CVE-2020-13381
openSIS up to and including 7.4 allows SQL Injection.
Os4ed Opensis
7.5
CVSSv3
CVE-2020-13383
openSIS up to and including 7.4 allows Directory Traversal.
Os4ed Opensis
6.1
CVSSv3
CVE-2020-27409
OpenSIS Community Edition prior to 7.5 is affected by a cross-site scripting (XSS) vulnerability in SideForStudent.php via the modname parameter.
Os4ed Opensis
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »