Vulnerabilities > Os4Ed > High

DATE CVE VULNERABILITY TITLE RISK
2020-07-01 CVE-2020-13383 Path Traversal vulnerability in Os4Ed Opensis
openSIS through 7.4 allows Directory Traversal.
network
low complexity
os4ed CWE-22
7.5
7.5
2020-07-01 CVE-2020-13380 SQL Injection vulnerability in Os4Ed Opensis
openSIS before 7.4 allows SQL Injection.
network
low complexity
os4ed CWE-89
7.5
7.5
2014-10-20 CVE-2014-8366 SQL Injection vulnerability in Os4Ed Opensis 4.5/5.3
SQL injection vulnerability in openSIS 4.5 through 5.3 allows remote attackers to execute arbitrary SQL commands via the Username and password to index.php.
network
low complexity
os4ed CWE-89
7.5
7.5
2013-12-09 CVE-2013-1349 Code Injection vulnerability in Os4Ed Opensis
Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter.
network
low complexity
os4ed CWE-94
7.5
7.5