CVE-2020-6134

Source
https://cve.org/CVERecord?id=CVE-2020-6134
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-6134.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-6134
Published
2020-09-01T15:15:12.547Z
Modified
2026-04-10T04:27:49.240283Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

SQL injection vulnerabilities exist in the ID parameters of OS4Ed openSIS 7.3 pages. The id parameter in the page MassDropModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.

References

Affected packages

Git / github.com/os4ed/opensis-responsive-design

Affected ranges

Type
GIT
Repo
https://github.com/os4ed/opensis-responsive-design
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.3"
        }
    ]
}

Affected versions

Ver7.*
Ver7.0Prod_update
Ver7.0beta1
v7.*
v7.1
v7.2
v7.3
ver7.*
ver7.1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-6134.json"