Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensis vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-6137
SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The password_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
Os4ed Opensis 7.3
7.5
CVSSv2
CVE-2020-6140
SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The password_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
Os4ed Opensis 7.3
7.5
CVSSv2
CVE-2020-6142
A remote code execution vulnerability exists in the Modules.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can cause local file inclusion. An attacker can send an HTTP request to trigger this vulnerability.
Os4ed Opensis 7.3
7.5
CVSSv2
CVE-2020-6144
A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The username variable which is set at line 121 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to trig...
Os4ed Opensis 7.4
7.5
CVSSv2
CVE-2020-6138
SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The uname parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection An attacker can send an HTTP request to trigger this vulnerability.
Os4ed Opensis 7.3
7.5
CVSSv2
CVE-2020-6139
SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The username_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
Os4ed Opensis 7.3
7.5
CVSSv2
CVE-2020-6143
A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The password variable which is set at line 122 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to trig...
Os4ed Opensis 7.4
6.5
CVSSv2
CVE-2020-6136
An exploitable SQL injection vulnerability exists in the DownloadWindow.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Os4ed Opensis 7.3
7.5
CVSSv2
CVE-2020-6141
An exploitable SQL injection vulnerability exists in the login functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
Os4ed Opensis 7.3
6.5
CVSSv2
CVE-2020-6135
An exploitable SQL injection vulnerability exists in the Validator.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Os4ed Opensis 7.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »