Vulnerabilities > Rosariosis > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-06 | CVE-2022-2714 | Unspecified vulnerability in Rosariosis Improper Handling of Length Parameter Inconsistency in GitHub repository francoisjacquet/rosariosis prior to 10.0. | 9.8 |
| 2022-06-13 | CVE-2022-2067 | SQL Injection vulnerability in Rosariosis SQL Injection in GitHub repository francoisjacquet/rosariosis prior to 9.0. | 9.1 |
| 2022-02-24 | CVE-2021-44567 | SQL Injection vulnerability in Rosariosis An unauthenticated SQL Injection vulnerability exists in RosarioSIS before 7.6.1 via the votes parameter in ProgramFunctions/PortalPollsNotes.fnc.php. | 9.8 |
| 2021-11-29 | CVE-2021-44427 | SQL Injection vulnerability in Rosariosis An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis) before 8.1.1 allows remote attackers to execute PostgreSQL statements (e.g., SELECT, INSERT, UPDATE, and DELETE) through /Side.php via the syear parameter. | 9.8 |