OS4ED Administrator

4 exploits Active since Jul 2020
CVE-2020-13380 WRITEUP CRITICAL WRITEUP
openSIS <7.4 - SQL Injection
openSIS before 7.4 allows SQL Injection.
CVSS 9.8
CVE-2020-13383 WRITEUP HIGH WRITEUP
openSIS <7.4 - Path Traversal
openSIS through 7.4 allows Directory Traversal.
CVSS 7.5
CVE-2020-27409 WRITEUP MEDIUM WRITEUP
OpenSIS CE <7.5 - XSS
OpenSIS Community Edition before 7.5 is affected by a cross-site scripting (XSS) vulnerability in SideForStudent.php via the modname parameter.
CVSS 6.1
CVE-2020-6637 WRITEUP CRITICAL WRITEUP
Os4ed Opensis - SQL Injection
openSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of index.php.
CVSS 9.8