CNNVD-202506-3096 Information
Jun 24, 2025
cve
CNNVD ID
CNNVD-202506-3096
Related CVE
- CNNVD Published: 2025-06-24
Description (Chinese)
OS4Ed OpenSIS是美国OS4Ed公司的一款学生信息系统软件。 OS4Ed OpenSIS v8.0版本存在安全漏洞,该漏洞源于对POST请求中student_id和TRANSFER{SCHOOL]参数处理不当,可能导致SQL注入攻击。
Description (English)
OS4Ed OpenSIS is a student information system software for OS4Ed in the United States. OS4Ed OpenSIS v8.0 has a security loophole, which stems from the mishandling of the parameters of student id and TRANNER{SchoOL] in the POST request, which could lead to an attack on SQL.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
osbuild
Published
2025-06-24
Last Modified
2026-02-24
References
https://github.com/OS4ED/openSIS-Classic/ https://opensis.com/ https://resources.s4e.io/blog/opensis-student-information-system-0-day-vulnerability-cve-2021-41691/ https://access.redhat.com/security/cve/cve-2021-41691
Patch
https://github.com/OS4ED/openSIS-Classic/releases
Share on: