Filtered by vendor Os4ed
Subscriptions
Filtered by product Opensis
Subscriptions
Total
65 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-27408 | 1 Os4ed | 1 Opensis | 2021-07-21 | 7.5 High |
| OpenSIS Community Edition through 7.6 is affected by incorrect access controls for the file ResetUserInfo.php that allow an unauthenticated attacker to change the password of arbitrary users. | ||||
| CVE-2020-27409 | 1 Os4ed | 1 Opensis | 2020-12-07 | 6.1 Medium |
| OpenSIS Community Edition before 7.5 is affected by a cross-site scripting (XSS) vulnerability in SideForStudent.php via the modname parameter. | ||||
| CVE-2020-13380 | 1 Os4ed | 1 Opensis | 2020-09-03 | 9.8 Critical |
| openSIS before 7.4 allows SQL Injection. | ||||
| CVE-2020-6637 | 1 Os4ed | 1 Opensis | 2020-09-03 | 9.8 Critical |
| openSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of index.php. | ||||
| CVE-2013-1349 | 1 Os4ed | 1 Opensis | 2020-09-03 | N/A |
| Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter. | ||||