cbcvebase.

Os4Ed Opensis vulnerabilities

76 known vulnerabilities affecting os4ed/opensis.

Total CVEs
76
CISA KEV
0
Public exploits
11
Exploited in wild
2
Severity breakdown
CRITICAL28HIGH38MEDIUM10

Vulnerabilities

Page 1 of 4
CVE-2024-51211P1CRITICALCVSS 9.8ExploitedPoCv9.0v9.12024-11-08
CVE-2024-51211 [CRITICAL] CWE-89 CVE-2024-51211: SQL injection vulnerability exists in OS4ED openSIS-Classic Version 9.1, specifically in the resetus SQL injection vulnerability exists in OS4ED openSIS-Classic Version 9.1, specifically in the resetuserinfo.php file. The vulnerability is due to improper input validation of the $username_stn_id parameter, which can be manipulated by an attacker to inject arbitrary SQL commands.
nvd
CVE-2021-41691P1CRITICALCVSS 9.8ExploitedPoCv8.02025-06-24
CVE-2021-41691 [CRITICAL] CWE-89 CVE-2021-41691: A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "student_id" and "TRANSFER{SCHOOL]" parameters in POST request sent to /TransferredOutModal.php.
nvd
CVE-2020-6637P2CRITICALCVSS 9.8PoCv7.32020-08-24
CVE-2020-6637 [CRITICAL] CWE-89 CVE-2020-6637: openSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of i openSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of index.php.
nvd
CVE-2013-1349P2HIGHCVSS 7.5PoCv4.5v4.6+7 more2013-12-09
CVE-2013-1349 [HIGH] CWE-94 CVE-2013-1349: Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execu Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter.
nvd
CVE-2024-35584P2HIGHCVSS 8.8PoCv8.0v9.12024-10-15
CVE-2024-35584 [HIGH] CWE-89 CVE-2024-35584: SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to sanitisation. The application takes arbitrary value from "X-Forward
nvd
CVE-2021-40617P2CRITICALCVSS 9.8PoCv8.02021-10-11
CVE-2021-40617 [CRITICAL] CWE-89 CVE-2021-40617: An SQL Injection vulnerability exists in openSIS Community Edition version 8.0 via ForgotPassUserNam An SQL Injection vulnerability exists in openSIS Community Edition version 8.0 via ForgotPassUserName.php.
nvd
CVE-2024-46626P2HIGHCVSS 8.8PoCv9.12024-10-02
CVE-2024-46626 [HIGH] CWE-89 CVE-2024-46626: OS4ED openSIS-Classic v9.1 was discovered to contain a SQL injection vulnerability via a crafted pay OS4ED openSIS-Classic v9.1 was discovered to contain a SQL injection vulnerability via a crafted payload.
nvd
CVE-2023-38879P3HIGHCVSS 7.5PoCv9.02023-11-20
CVE-2023-38879 [HIGH] CWE-22 CVE-2023-38879: The Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to read arbitra The Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to read arbitrary files via a directory traversal vulnerability in the 'filename' parameter of 'DownloadWindow.php'.
nvd
CVE-2021-40651P3MEDIUMCVSS 6.5PoCv8.02021-09-29
CVE-2021-40651 [MEDIUM] CWE-22 CVE-2021-40651: OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php (mo OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php (modname parameter), which can disclose arbitrary file from the server's filesystem as long as the application has access to the file.
nvd
CVE-2021-39378P2CRITICALCVSS 9.8v8.02021-09-01
CVE-2021-39378 [CRITICAL] CWE-89 CVE-2021-39378: A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the applic A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. A malicious attacker can issue SQL commands to the MySQL (MariaDB) database through the NamesList.php str parameter.
nvd
CVE-2020-6143P2CRITICALCVSS 9.8v7.42020-09-01
CVE-2020-6143 [CRITICAL] CWE-96 CVE-2020-6143: A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The password variable which is set at line 122 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2020-6142P2CRITICALCVSS 9.8v7.32020-09-01
CVE-2020-6142 [CRITICAL] CWE-22 CVE-2020-6142: A remote code execution vulnerability exists in the Modules.php functionality of OS4Ed openSIS 7.3. A remote code execution vulnerability exists in the Modules.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can cause local file inclusion. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2020-6144P2CRITICALCVSS 9.8v7.42020-09-01
CVE-2020-6144 [CRITICAL] CWE-96 CVE-2020-6144: A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The username variable which is set at line 121 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2023-38880P2CRITICALCVSS 9.8v9.02023-11-20
CVE-2023-38880 [CRITICAL] CVE-2023-38880: The Community Edition version 9.0 of OS4ED's openSIS Classic has a broken access control vulnerabili The Community Edition version 9.0 of OS4ED's openSIS Classic has a broken access control vulnerability in the database backup functionality. Whenever an admin generates a database backup, the backup is stored in the web root while the file name has a format of "opensisBackup.sql" (e.g. "opensisBackup07-20-2023.sql"), i.e. can easily be guessed. This file
nvd
CVE-2020-6140P3CRITICALCVSS 9.8v7.32020-09-01
CVE-2020-6140 [CRITICAL] CWE-89 CVE-2020-6140: SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The pas SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The password_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2020-6139P3CRITICALCVSS 9.8v7.32020-09-01
CVE-2020-6139 [CRITICAL] CWE-89 CVE-2020-6139: SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The use SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The username_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2020-6137P3CRITICALCVSS 9.8v7.32020-09-01
CVE-2020-6137 [CRITICAL] CWE-89 CVE-2020-6137: SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The pas SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The password_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2020-6138P3CRITICALCVSS 9.8v7.32020-09-01
CVE-2020-6138 [CRITICAL] CWE-89 CVE-2020-6138: SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The una SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The uname parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2021-40542P3MEDIUMCVSS 6.1PoCv8.02021-10-11
CVE-2021-40542 [MEDIUM] CWE-79 CVE-2021-40542: Opensis-Classic Version 8.0 is affected by cross-site scripting (XSS). An unauthenticated user can i Opensis-Classic Version 8.0 is affected by cross-site scripting (XSS). An unauthenticated user can inject and execute JavaScript code through the link_url parameter in Ajax_url_encode.php.
nvd
CVE-2021-39379P3CRITICALCVSS 9.8v8.02021-09-01
CVE-2021-39379 [CRITICAL] CWE-89 CVE-2021-39379: A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the applic A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. A malicious attacker can issue SQL commands to the MySQL (MariaDB) database through the ResetUserInfo.php password_stn_id parameter.
nvd
Os4Ed Opensis vulnerabilities | cvebase