Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Opensis'
2020-09-01
CVE-2020-6128
CWE-89
SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. The meet_date parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
2020-08-24
CVE-2020-6637
CWE-89
openSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of index.php.
2020-07-01
CVE-2020-13383
CWE-22
openSIS through 7.4 allows Directory Traversal.
CVE-2020-13382
CWE-269
openSIS through 7.4 has Incorrect Access Control.
CVE-2020-13381
CWE-89
openSIS through 7.4 allows SQL Injection.
CVE-2020-13380
CWE-89
openSIS before 7.4 allows SQL Injection.
2014-10-20
CVE-2014-8366
CWE-89
SQL injection vulnerability in openSIS 4.5 through 5.3 allows remote attackers to execute arbitrary SQL commands via the Username and password to index.php.
2013-12-09
CVE-2013-1349
CWE-94
Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter.
Copyright
2024
, cxsecurity.com
Back to Top