|
202731
|
8.8 |
HIGH
Network
|
os4ed
|
opensis
|
An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3. The email parameter in the page EmailCheck.php is vulnerable to SQL injection. An attacker…
|
CWE-89
SQL Injection
|
CVE-2020-6123
|
2024-11-21 14:35 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202732
|
8.8 |
HIGH
Network
|
os4ed
|
opensis
|
SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The mn parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can m…
|
CWE-89
SQL Injection
|
CVE-2020-6122
|
2024-11-21 14:35 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202733
|
8.8 |
HIGH
Network
|
os4ed
|
opensis
|
SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The ln parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can …
|
CWE-89
SQL Injection
|
CVE-2020-6121
|
2024-11-21 14:35 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202734
|
8.8 |
HIGH
Network
|
os4ed
|
opensis
|
SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The fn parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can m…
|
CWE-89
SQL Injection
|
CVE-2020-6120
|
2024-11-21 14:35 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202735
|
8.8 |
HIGH
Network
|
os4ed
|
opensis
|
SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The byear parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker c…
|
CWE-89
SQL Injection
|
CVE-2020-6119
|
2024-11-21 14:35 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202736
|
8.8 |
HIGH
Network
|
os4ed
|
opensis
|
SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The bmonth parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker …
|
CWE-89
SQL Injection
|
CVE-2020-6118
|
2024-11-21 14:35 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202737
|
8.8 |
HIGH
Network
|
os4ed
|
opensis
|
SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The bday parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker ca…
|
CWE-89
SQL Injection
|
CVE-2020-6117
|
2024-11-21 14:35 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202738
|
4.3 |
MEDIUM
Network
|
sap
|
abap_platform
netweaver_application_server_abap
|
Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP u…
|
NVD-CWE-noinfo
|
CVE-2020-6310
|
2024-11-21 14:35 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202739
|
7.5 |
HIGH
Network
|
sap
|
netweaver_application_server_java
|
SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the atta…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-6309
|
2024-11-21 14:35 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202740
|
8.1 |
HIGH
Network
|
sap
|
hcm_travel_management
|
SAP ERP (HCM Travel Management), versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of priv…
|
CWE-862
Missing Authorization
|
CVE-2020-6301
|
2024-11-21 14:35 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
