Vulnerabilities > Os4Ed > Opensis > 7.4

DATE CVE VULNERABILITY TITLE RISK
2020-09-01 CVE-2020-6144 Code Injection vulnerability in Os4Ed Opensis 7.4
A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4.
network
low complexity
os4ed CWE-94
7.5
7.5
2020-09-01 CVE-2020-6143 Code Injection vulnerability in Os4Ed Opensis 7.4
A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4.
network
low complexity
os4ed CWE-94
7.5
7.5
2020-07-01 CVE-2020-13383 Path Traversal vulnerability in Os4Ed Opensis
openSIS through 7.4 allows Directory Traversal.
network
low complexity
os4ed CWE-22
7.5
7.5
2020-07-01 CVE-2020-13382 Missing Authentication for Critical Function vulnerability in Os4Ed Opensis
openSIS through 7.4 has Incorrect Access Control.
network
low complexity
os4ed CWE-306
6.4
6.4
2020-07-01 CVE-2020-13381 SQL Injection vulnerability in Os4Ed Opensis
openSIS through 7.4 allows SQL Injection.
network
low complexity
os4ed CWE-89
critical
 9.8
9.8
2020-07-01 CVE-2020-13380 SQL Injection vulnerability in Os4Ed Opensis
openSIS before 7.4 allows SQL Injection.
network
low complexity
os4ed CWE-89
7.5
7.5