Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
os4ed opensis vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2013-1349
Eval injection vulnerability in ajax.php in openSIS 4.5 up to and including 5.2 allows remote malicious users to execute arbitrary PHP code via the modname parameter.
Os4ed Opensis 4.6
Os4ed Opensis 4.5
Os4ed Opensis 4.8.1
Os4ed Opensis 4.7
Os4ed Opensis 5.2
Os4ed Opensis 5.1
Os4ed Opensis 5.0
Os4ed Opensis 4.9
Os4ed Opensis 4.8
1 EDB exploit
7.5
CVSSv2
CVE-2014-8366
SQL injection vulnerability in openSIS 4.5 up to and including 5.3 allows remote malicious users to execute arbitrary SQL commands via the Username and password to index.php.
Os4ed Opensis 4.5
Os4ed Opensis 5.3
NA
CVE-2022-45962
Open Solutions for Education, Inc openSIS Community Edition v8.0 and previous versions is vulnerable to SQL Injection via CalendarModal.php.
Os4ed Opensis
4.3
CVSSv2
CVE-2020-27409
OpenSIS Community Edition prior to 7.5 is affected by a cross-site scripting (XSS) vulnerability in SideForStudent.php via the modname parameter.
Os4ed Opensis
7.5
CVSSv2
CVE-2021-27341
OpenSIS Community Edition version <= 7.6 is affected by a local file inclusion vulnerability in DownloadWindow.php via the "filename" parameter.
Os4ed Opensis
7.5
CVSSv2
CVE-2020-13381
openSIS up to and including 7.4 allows SQL Injection.
Os4ed Opensis
5
CVSSv2
CVE-2020-13383
openSIS up to and including 7.4 allows Directory Traversal.
Os4ed Opensis
4.3
CVSSv2
CVE-2021-27340
OpenSIS Community Edition version <= 7.6 is affected by a reflected XSS vulnerability in EmailCheck.php via the "opt" parameter.
Os4ed Opensis
5
CVSSv2
CVE-2020-27408
OpenSIS Community Edition up to and including 7.6 is affected by incorrect access controls for the file ResetUserInfo.php that allow an unauthenticated malicious user to change the password of arbitrary users.
Os4ed Opensis
7.5
CVSSv2
CVE-2020-13380
openSIS prior to 7.4 allows SQL Injection.
Os4ed Opensis
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »