Opensis-Classic Version 8.0 is affected by a SQL injection vulnerability due to a lack of sanitization of input data at two parameters $GET['usrid'] and $GET['prof_id'] in the PasswordCheck.php file.