Multiple vulnerabilities in OS4Ed openSIS

1) SQL injection

EUVDB-ID: #VU46153

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6129

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "course_period_id" parameter in "CpSessionSet.php" page. A remote authenticated attacker can send a specially crafted HTTP request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1076

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) SQL injection

EUVDB-ID: #VU46154

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6130

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "course_period_id" parameter in "MassDropSessionSet.php" page. A remote authenticated attacker can send a specially crafted HTTP request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1076

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) SQL injection

EUVDB-ID: #VU46155

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6131

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "coure_period_id" parameter in "MassScheduleSessionSet.php" page. A remote authenticated attacker can send a specially crafted HTTP request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1076

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Code Injection

EUVDB-ID: #VU46179

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-6144

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation in the username variable in "install/Step5.php". A remote attacker can send a specially crafted request and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1083

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Code Injection

EUVDB-ID: #VU46178

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-6143

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation in the password variable in "install/Step5.php". A remote attacker can send a specially crafted request and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1083

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) SQL injection

EUVDB-ID: #VU46177

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6125

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "u" parameter in "GetSchool.php" page. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1074

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) SQL injection

EUVDB-ID: #VU46176

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6136

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "down_id" parameter in the download page "DownloadWindow.php". A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://talosintelligence.com/vulnerability_reports/TALOS-2020-1079

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) SQL injection

EUVDB-ID: #VU46175

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-6140

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "password_stf_email" parameter in the password reset page "/opensis/ResetUserInfo.php". A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1080

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) SQL injection

EUVDB-ID: #VU46174

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-6139

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "username_stf_email" parameter in the password reset page "/opensis/ResetUserInfo.php". A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1080

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

10) SQL injection

EUVDB-ID: #VU46173

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-6138

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "uname" parameter in the password reset page "/opensis/ResetUserInfo.php". A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1080

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

11) SQL injection

EUVDB-ID: #VU46172

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-6137

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "password_stf_email" parameter in the password reset page "/opensis/ResetUserInfo.php". A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1080

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

12) SQL injection

EUVDB-ID: #VU46171

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6134

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "id" parameter in "MassDropModal.php" page. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1075

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

13) SQL injection

EUVDB-ID: #VU46170

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6133

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "id" parameter in "CourseMoreInfo.php" page. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1075

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

14) SQL injection

EUVDB-ID: #VU46169

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6132

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "id" parameter in "ChooseCP.php" page. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1077

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

15) SQL injection

EUVDB-ID: #VU46168

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6128

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "meet_date" parameter in "CoursePeriodModal.php" page. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1075

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

16) SQL injection

EUVDB-ID: #VU46167

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6127

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "id" parameter in "CoursePeriodModal.php" page. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1075

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

17) SQL injection

EUVDB-ID: #VU46166

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6126

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "course_period_id" parameter in "CoursePeriodModal.php" page. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1075

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

18) SQL injection

EUVDB-ID: #VU46165

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-6141

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "USERNAME" parameter in "/opensis/index.php" page. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1081

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

19) SQL injection

EUVDB-ID: #VU46164

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6122

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "mn" parameter in "CheckDuplicateStudent.php" page. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1072

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

20) SQL injection

EUVDB-ID: #VU46163

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6121

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "ln" parameter in "CheckDuplicateStudent.php" page. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1072

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

21) SQL injection

EUVDB-ID: #VU46162

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6120

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "fn" parameter in "CheckDuplicateStudent.php" page. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1072

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

22) SQL injection

EUVDB-ID: #VU46161

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6119

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "byear" parameter in "CheckDuplicateStudent.php" page. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1072

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

23) SQL injection

EUVDB-ID: #VU46160

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6118

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "bmonth" parameter in "CheckDuplicateStudent.php" page. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1072

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

24) SQL injection

EUVDB-ID: #VU46159

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6117

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "bday" parameter in "CheckDuplicateStudent.php" page. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1072

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

25) SQL injection

EUVDB-ID: #VU46158

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6135

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "stfid" parameter in "Validator.php" page. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1078

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

26) SQL injection

EUVDB-ID: #VU46157

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6124

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "email" parameter in "EmailCheckOthers.php" page. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1073

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

27) SQL injection

EUVDB-ID: #VU46156

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6123

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "email" parameter in "EmailCheck.php" page. A remote authenticated attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install updates from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1073

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

28) Path traversal

EUVDB-ID: #VU46207

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-6142

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences in the "Modules.php" functionality. A remote authenticated attacker can send a specially crafted HTTP request and read arbitrary files on the system, leading to remote code execution.

Install update from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://talosintelligence.com/vulnerability_reports/TALOS-2020-1082

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

29) SQL injection

EUVDB-ID: #VU46208

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-6637

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data passed via the "USERNAME" parameter of index.php. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install update from vendor's website.

openSIS: 7.3

• cpe:2.3:a:OS4Ed:opensis:7.3:*:*:*:*:*:*:*

http://cinzinga.com/CVE-2020-6637/
http://github.com/OS4ED/openSIS-Responsive-Design/commit/1127ae0bb7c3a2883febeabc6b71ad8d73510de8
http://opensis.com/
http://sourceforge.net/projects/opensis-ce/files/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

30) SQL injection

EUVDB-ID: #VU46209

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-13380

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install update from vendor's website.

openSIS: 7.0 - 7.3

• cpe:2.3:a:OS4Ed:opensis:7.0:*:*:*:*:*:*:*

http://github.com/OS4ED/openSIS-Responsive-Design/commit/1127ae0bb7c3a2883febeabc6b71ad8d73510de8
http://packetstormsecurity.com/files/158257/openSIS-7.4-SQL-Injection.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?