ReportizFlow
Filtered by vendor Os4ed
Subscriptions
Filtered by product Opensis
Subscriptions
Total
66 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-38885 | 1 Os4ed | 1 Opensis | 2024-11-21 | 8.8 High |
| OpenSIS Classic Community Edition version 9.0 lacks cross-site request forgery (CSRF) protection throughout the whole app. This may allow an attacker to trick an authenticated user into performing any kind of state changing request. | ||||
| CVE-2023-38884 | 1 Os4ed | 1 Opensis | 2024-11-21 | 7.5 High |
| An Insecure Direct Object Reference (IDOR) vulnerability in the Community Edition version 9.0 of openSIS Classic allows an unauthenticated remote attacker to access any student's files by visiting '/assets/studentfiles/<studentId>-<filename>' | ||||
| CVE-2023-38883 | 1 Os4ed | 1 Opensis | 2024-11-21 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in the Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'ajax' parameter in 'ParentLookup.php'. | ||||
| CVE-2023-38882 | 1 Os4ed | 1 Opensis | 2024-11-21 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in the Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'include' parameter in 'ForExport.php' | ||||
| CVE-2023-38881 | 1 Os4ed | 1 Opensis | 2024-11-21 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in the Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into any of the 'calendar_id', 'school_date', 'month' or 'year' parameters in 'CalendarModal.php'. | ||||
| CVE-2023-38880 | 1 Os4ed | 1 Opensis | 2024-11-21 | 9.8 Critical |
| The Community Edition version 9.0 of OS4ED's openSIS Classic has a broken access control vulnerability in the database backup functionality. Whenever an admin generates a database backup, the backup is stored in the web root while the file name has a format of "opensisBackup<date>.sql" (e.g. "opensisBackup07-20-2023.sql"), i.e. can easily be guessed. This file can be accessed by any unauthenticated actor and contains a dump of the whole database including password hashes. | ||||
| CVE-2023-38879 | 1 Os4ed | 1 Opensis | 2024-11-21 | 7.5 High |
| The Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to read arbitrary files via a directory traversal vulnerability in the 'filename' parameter of 'DownloadWindow.php'. | ||||
| CVE-2022-45962 | 1 Os4ed | 1 Opensis | 2024-11-21 | 6.5 Medium |
| Open Solutions for Education, Inc openSIS Community Edition v8.0 and earlier is vulnerable to SQL Injection via CalendarModal.php. | ||||
| CVE-2022-27041 | 1 Os4ed | 1 Opensis | 2024-11-21 | 7.5 High |
| Due to lack of protection, parameter student_id in OpenSIS Classic 8.0 /modules/eligibility/Student.php can be used to inject SQL queries to extract information from databases. | ||||
| CVE-2021-41679 | 1 Os4ed | 1 Opensis | 2024-11-21 | 9.8 Critical |
| A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the /opensis/modules/grades/InputFinalGrades.php, period parameter. | ||||
| CVE-2021-41678 | 1 Os4ed | 1 Opensis | 2024-11-21 | 9.8 Critical |
| A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the /opensis/modules/users/Staff.php, staff{TITLE] parameter. | ||||
| CVE-2021-41677 | 1 Os4ed | 1 Opensis | 2024-11-21 | 9.8 Critical |
| A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the /opensis/functions/GetStuListFnc.php &Grade= parameter. | ||||
| CVE-2021-40651 | 1 Os4ed | 1 Opensis | 2024-11-21 | 6.5 Medium |
| OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php (modname parameter), which can disclose arbitrary file from the server's filesystem as long as the application has access to the file. | ||||
| CVE-2021-40637 | 1 Os4ed | 1 Opensis | 2024-11-21 | 6.1 Medium |
| OS4ED openSIS 8.0 is affected by cross-site scripting (XSS) in EmailCheckOthers.php. An attacker can inject JavaScript code to get the user's cookie and take over the working session of user. | ||||
| CVE-2021-40636 | 1 Os4ed | 1 Opensis | 2024-11-21 | 7.5 High |
| OS4ED openSIS 8.0 is affected by SQL Injection in CheckDuplicateName.php, which can extract information from the database. | ||||
| CVE-2021-40635 | 1 Os4ed | 1 Opensis | 2024-11-21 | 7.5 High |
| OS4ED openSIS 8.0 is affected by SQL injection in ChooseCpSearch.php, ChooseRequestSearch.php. An attacker can inject a SQL query to extract information from the database. | ||||
| CVE-2021-40618 | 1 Os4ed | 1 Opensis | 2024-11-21 | 9.8 Critical |
| An SQL Injection vulnerability exists in openSIS Classic 8.0 via the 1) ADDR_CONT_USRN, 2) ADDR_CONT_PSWD, 3) SECN_CONT_USRN or 4) SECN_CONT_PSWD parameters in HoldAddressFields.php. | ||||
| CVE-2021-40617 | 1 Os4ed | 1 Opensis | 2024-11-21 | 9.8 Critical |
| An SQL Injection vulnerability exists in openSIS Community Edition version 8.0 via ForgotPassUserName.php. | ||||
| CVE-2021-40543 | 1 Os4ed | 1 Opensis | 2024-11-21 | 9.8 Critical |
| Opensis-Classic Version 8.0 is affected by a SQL injection vulnerability due to a lack of sanitization of input data at two parameters $_GET['usrid'] and $_GET['prof_id'] in the PasswordCheck.php file. | ||||
| CVE-2021-40542 | 1 Os4ed | 1 Opensis | 2024-11-21 | 6.1 Medium |
| Opensis-Classic Version 8.0 is affected by cross-site scripting (XSS). An unauthenticated user can inject and execute JavaScript code through the link_url parameter in Ajax_url_encode.php. | ||||