CNNVD-202507-2054 Information

CNNVD ID

CNNVD-202507-2054

Related CVE

CVE-2025-26186

• CNNVD Published: 2025-07-15

Description (Chinese)

Open Solutions For Education openSIS是美国Open Solutions For Education公司的一套开源的学生信息管理系统。 Open Solutions For Education openSIS 9.1版本存在安全漏洞，该漏洞源于文件Ajax.php中参数id存在SQL注入，可能导致执行任意代码。

Description (English)

Open Solutions For Education OpenSIS is an open-source student information management system for Education in the United States. Open Solutions For Education openSIS version 9.1 contains a security loophole that stems from the SQL injection of parameter id in document Ajax.php, which may result in the implementation of any code.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

Open Source Matters

Published

2025-07-15

Last Modified

2026-02-24

References

https://github.com/OS4ED/openSIS-Classic/pull/330 https://www.os4ed.com/ https://access.redhat.com/security/cve/cve-2025-26186 https://nvd.nist.gov/vuln/detail/CVE-2025-26186