Vulnerability in N/a
CVE-2020-6637
openSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of index.php.
EPSS: 0.695 (98.7th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
Public proof-of-concept exploits
References
- opensis.com/ (x_refsource_MISC)
- sourceforge.net/projects/opensis-ce/files/ (x_refsource_MISC)
- github.com/OS4ED/openSIS-Responsive-Design/commit/1127ae0bb7c3a2883febeabc6b71a… (x_refsource_MISC)
- cinzinga.com/CVE-2020-6637/ (x_refsource_MISC)
Frequently asked questions
- What is CVE-2020-6637?
- CVE-2020-6637 is a vulnerability in N/a. Published 2020-08-24.
- Is CVE-2020-6637 known to be exploited?
- 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.