Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Opensis
(Os4ed)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 63 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-11-20 | CVE-2023-38881 | A reflected cross-site scripting (XSS) vulnerability in the Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into any of the 'calendar_id', 'school_date', 'month' or 'year' parameters in 'CalendarModal.php'. | Opensis | 6.1 | ||
| 2023-11-20 | CVE-2023-38882 | A reflected cross-site scripting (XSS) vulnerability in the Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'include' parameter in 'ForExport.php' | Opensis | 6.1 | ||
| 2023-11-20 | CVE-2023-38883 | A reflected cross-site scripting (XSS) vulnerability in the Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'ajax' parameter in 'ParentLookup.php'. | Opensis | 6.1 | ||
| 2023-11-20 | CVE-2023-38884 | An Insecure Direct Object Reference (IDOR) vulnerability in the Community Edition version 9.0 of openSIS Classic allows an unauthenticated remote attacker to access any student's files by visiting '/assets/studentfiles/<studentId>-<filename>' | Opensis | 7.5 | ||
| 2023-11-20 | CVE-2023-38885 | OpenSIS Classic Community Edition version 9.0 lacks cross-site request forgery (CSRF) protection throughout the whole app. This may allow an attacker to trick an authenticated user into performing any kind of state changing request. | Opensis | 8.8 | ||
| 2023-11-20 | CVE-2023-38880 | The Community Edition version 9.0 of OS4ED's openSIS Classic has a broken access control vulnerability in the database backup functionality. Whenever an admin generates a database backup, the backup is stored in the web root while the file name has a format of "opensisBackup<date>.sql" (e.g. "opensisBackup07-20-2023.sql"), i.e. can easily be guessed. This file can be accessed by any unauthenticated actor and contains a dump of the whole database including password hashes. | Opensis | 9.8 | ||
| 2023-11-20 | CVE-2023-38879 | The Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to read arbitrary files via a directory traversal vulnerability in the 'filename' parameter of 'DownloadWindow.php'. | Opensis | 7.5 | ||
| 2023-02-13 | CVE-2022-45962 | Open Solutions for Education, Inc openSIS Community Edition v8.0 and earlier is vulnerable to SQL Injection via CalendarModal.php. | Opensis | 6.5 | ||
| 2020-07-01 | CVE-2020-13381 | openSIS through 7.4 allows SQL Injection. | Opensis | 9.8 | ||
| 2020-07-01 | CVE-2020-13383 | openSIS through 7.4 allows Directory Traversal. | Opensis | 7.5 |