Vulnerabilities > Os4Ed > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-09-01 CVE-2020-6123 SQL Injection vulnerability in Os4Ed Opensis 7.3
An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3.
network
low complexity
os4ed CWE-89
6.5
6.5
2020-09-01 CVE-2020-6122 SQL Injection vulnerability in Os4Ed Opensis 7.3
SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3.
network
low complexity
os4ed CWE-89
6.5
6.5
2020-09-01 CVE-2020-6121 SQL Injection vulnerability in Os4Ed Opensis 7.3
SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3.
network
low complexity
os4ed CWE-89
6.5
6.5
2020-09-01 CVE-2020-6120 SQL Injection vulnerability in Os4Ed Opensis 7.3
SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3.
network
low complexity
os4ed CWE-89
6.5
6.5
2020-09-01 CVE-2020-6119 SQL Injection vulnerability in Os4Ed Opensis 7.3
SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3.
network
low complexity
os4ed CWE-89
6.5
6.5
2020-09-01 CVE-2020-6118 SQL Injection vulnerability in Os4Ed Opensis 7.3
SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3.
network
low complexity
os4ed CWE-89
6.5
6.5
2020-09-01 CVE-2020-6117 SQL Injection vulnerability in Os4Ed Opensis 7.3
SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3.
network
low complexity
os4ed CWE-89
6.5
6.5
2020-07-01 CVE-2020-13382 Missing Authentication for Critical Function vulnerability in Os4Ed Opensis
openSIS through 7.4 has Incorrect Access Control.
network
low complexity
os4ed CWE-306
6.4
6.4