CVE-2025-22924 Information

Description

OS4ED openSIS v7.0 through v9.1 contains a SQL injection vulnerability via the stu_id parameter at /modules/students/Student.php.

Reference

https://github.com/esusalla/vulnerability-research/tree/main/CVE-2025-22924 https://github.com/OS4ED/openSIS-Classic