Opensis-Classic Version 8.0 is affected by a SQL injection vulnerability due to a lack of sanitization of input data at two parameters $_GET['usrid'] and $_GET['prof_id'] in the PasswordCheck.php file.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/OS4ED/openSIS-Classic/issues/191 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-10-11T12:19:19
Updated: 2024-08-04T02:44:10.835Z
Reserved: 2021-09-07T00:00:00
Link: CVE-2021-40543
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-10-11T13:15:07.457
Modified: 2024-11-21T06:24:21.803
Link: CVE-2021-40543
Redhat
No data.