Vulnerabilities > Os4Ed > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-01 | CVE-2021-40353 | SQL Injection vulnerability in Os4Ed Opensis 8.0 A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. | 7.5 |
| 2020-09-01 | CVE-2020-6144 | Code Injection vulnerability in Os4Ed Opensis 7.4 A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. | 7.5 |
| 2020-09-01 | CVE-2020-6143 | Code Injection vulnerability in Os4Ed Opensis 7.4 A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. | 7.5 |
| 2020-09-01 | CVE-2020-6142 | Path Traversal vulnerability in Os4Ed Opensis 7.3 A remote code execution vulnerability exists in the Modules.php functionality of OS4Ed openSIS 7.3. | 7.5 |
| 2020-09-01 | CVE-2020-6140 | SQL Injection vulnerability in Os4Ed Opensis 7.3 SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. | 7.5 |
| 2020-09-01 | CVE-2020-6139 | SQL Injection vulnerability in Os4Ed Opensis 7.3 SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. | 7.5 |
| 2020-09-01 | CVE-2020-6138 | SQL Injection vulnerability in Os4Ed Opensis 7.3 SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. | 7.5 |
| 2020-09-01 | CVE-2020-6137 | SQL Injection vulnerability in Os4Ed Opensis 7.3 SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. | 7.5 |
| 2020-09-01 | CVE-2020-6141 | SQL Injection vulnerability in Os4Ed Opensis 7.3 An exploitable SQL injection vulnerability exists in the login functionality of OS4Ed openSIS 7.3. | 7.5 |
| 2020-08-24 | CVE-2020-6637 | SQL Injection vulnerability in Os4Ed Opensis 7.3 openSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of index.php. | 7.5 |