OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the cp_id parameter at /modules/messages/Inbox.php.
The vulnerability occurs in the cp_id parameter passed to the /modules/messages/Inbox.php script. User-supplied data is not properly validated or sanitized before being passed to an SQL query. An attacker can inject malicious SQL code directly over the network without requiring authentication or user interaction.
An attacker can gain unauthorized access to the application's database, read, modify or delete stored data, and depending on the database server configuration — potentially take control of the entire system.
Apply patches available from the vendor according to the references. As additional remedial measures, it is recommended to restrict access to the application at the firewall level and monitor network traffic for anomalies in SQL queries.
OS4ED openSIS versions 7.0 to 9.1 (classic version of the application — openSIS-Classic)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HOs4ed Opensis
APPOs4Ed7.0 – 9.1
Related vulnerabilities
SQL Injection w OpenSIS via parametry student_id i TRANSFER[SCHOOL]
SQL Injection w Os4Ed openSIS — parametr filter_id
Path traversal w openSIS umożliwia nieautoryzowany dostęp do plików
Path traversal w openSIS — nieautoryzowany dostęp do plików przez Modules.php
SQL injection w OS4Ed openSIS via parametr groupid w Group.php