CVE-2021-40651

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-40651

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-40651.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-40651

Published

2021-09-29T12:15:07.317Z

Modified

2025-11-20T11:53:23.760759Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php (modname parameter), which can disclose arbitrary file from the server's filesystem as long as the application has access to the file.

References

Affected packages

Git / github.com/os4ed/opensis-responsive-design

Affected ranges

Type: GIT
Repo: https://github.com/os4ed/opensis-responsive-design
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

0a2d61fff35900fc91566e6621d49959599bcb4e

Affected versions

V7.*

V7.5

V7.6

V8.*

V8.0

Ver7.*

Ver7.0Prod

Ver7.0Prod_update

Ver7.0beta1

v7.*

v7.1

v7.2

v7.3

ver7.*

ver7.1

ver7.4

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-40651.json"