|
202201
|
8.8 |
HIGH
Network
|
os4ed
|
opensis
|
SQL injection vulnerabilities exist in the course_period_id parameters used in OS4Ed openSIS 7.3 pages. The course_period_id parameter in the page CpSessionSet.php is vulnerable to SQL injection.An a…
|
CWE-89
SQL Injection
|
CVE-2020-6129
|
2024-11-21 14:35 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202202
|
8.8 |
HIGH
Network
|
os4ed
|
opensis
|
An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3. The email parameter in the page EmailCheck.php is vulnerable to SQL injection. An attacker…
|
CWE-89
SQL Injection
|
CVE-2020-6123
|
2024-11-21 14:35 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202203
|
8.8 |
HIGH
Network
|
os4ed
|
opensis
|
SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The mn parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can m…
|
CWE-89
SQL Injection
|
CVE-2020-6122
|
2024-11-21 14:35 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202204
|
8.8 |
HIGH
Network
|
os4ed
|
opensis
|
SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The ln parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can …
|
CWE-89
SQL Injection
|
CVE-2020-6121
|
2024-11-21 14:35 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202205
|
8.8 |
HIGH
Network
|
os4ed
|
opensis
|
SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The fn parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can m…
|
CWE-89
SQL Injection
|
CVE-2020-6120
|
2024-11-21 14:35 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202206
|
8.8 |
HIGH
Network
|
os4ed
|
opensis
|
SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The byear parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker c…
|
CWE-89
SQL Injection
|
CVE-2020-6119
|
2024-11-21 14:35 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202207
|
8.8 |
HIGH
Network
|
os4ed
|
opensis
|
SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The bmonth parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker …
|
CWE-89
SQL Injection
|
CVE-2020-6118
|
2024-11-21 14:35 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202208
|
8.8 |
HIGH
Network
|
os4ed
|
opensis
|
SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The bday parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker ca…
|
CWE-89
SQL Injection
|
CVE-2020-6117
|
2024-11-21 14:35 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202209
|
4.3 |
MEDIUM
Network
|
sap
|
abap_platform
netweaver_application_server_abap
|
Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP u…
|
NVD-CWE-noinfo
|
CVE-2020-6310
|
2024-11-21 14:35 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202210
|
7.5 |
HIGH
Network
|
sap
|
netweaver_application_server_java
|
SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the atta…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-6309
|
2024-11-21 14:35 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
