CVE-2020-6122

Source
https://cve.org/CVERecord?id=CVE-2020-6122
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-6122.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-6122
Published
2020-09-01T14:15:13.910Z
Modified
2026-04-10T04:27:48.992777Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The mn parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.

References

Affected packages

Git / github.com/os4ed/opensis-responsive-design

Affected ranges

Type
GIT
Repo
https://github.com/os4ed/opensis-responsive-design
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.3"
        }
    ]
}

Affected versions

Ver7.*
Ver7.0Prod_update
Ver7.0beta1
v7.*
v7.1
v7.2
v7.3
ver7.*
ver7.1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-6122.json"