Nathan Johnson

3 exploits Active since Sep 2021
CVE-2021-39377 NOMISEC CRITICAL WRITEUP
Os4ed Opensis - SQL Injection
A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. A malicious attacker can issue SQL commands to the MySQL (MariaDB) database through the index.php username parameter.
CVSS 9.8
CVE-2021-39378 NOMISEC CRITICAL WRITEUP
Os4ed Opensis - SQL Injection
A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. A malicious attacker can issue SQL commands to the MySQL (MariaDB) database through the NamesList.php str parameter.
CVSS 9.8
CVE-2021-39379 NOMISEC CRITICAL WRITEUP
Os4ed Opensis - SQL Injection
A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. A malicious attacker can issue SQL commands to the MySQL (MariaDB) database through the ResetUserInfo.php password_stn_id parameter.
CVSS 9.8