CVE-2021-40617

CRITICAL

openSIS 8.0 - SQL Injection via ForgotPassUserName.php

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2021-40617. PoCs published by CodeSecLab, H4niz.

AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in openSIS Community Edition 8.0 via the ForgotPassUserName.php endpoint. The PoC shows how an attacker can inject a malicious SQL query to bypass authentication by manipulating the 'u' parameter.

Description

An SQL Injection vulnerability exists in openSIS Community Edition version 8.0 via ForgotPassUserName.php.

Exploits (2)

exploitdb WORKING POC

by CodeSecLab · textwebappsphp

https://www.exploit-db.com/exploits/52447

View Code ZIP pw:eip

This exploit demonstrates a SQL injection vulnerability in openSIS Community Edition 8.0 via the ForgotPassUserName.php endpoint. The PoC shows how an attacker can inject a malicious SQL query to bypass authentication by manipulating the 'u' parameter.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: openSIS Community Edition 8.0

Auth required

Prerequisites: Valid session cookie · Access to the target application

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

github NO CODE

by H4niz · poc

https://github.com/H4niz/CVE/tree/main/CVE-2021-40617

View Code ZIP pw:eip

References (2)

Core 2

Core References

Various Sources

https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2021-40617.md

View Writeup ZIP pw:eip

Exploit, Issue Tracking, Mitigation, Third Party Advisory

https://github.com/OS4ED/openSIS-Classic/issues/192

Scores

CVSS v3 9.8

EPSS 0.0659

EPSS Percentile 91.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-89

Status published

Products (1)

os4ed/opensis 8.0

Published Oct 11, 2021

Tracked Since Feb 18, 2026