Source |
CISCO Talos |
Identifiant |
1891613 |
Date de publication |
2020-08-31 07:08:04 (vue: 2020-09-01 00:05:06) |
Titre |
Vulnerability Spotlight: Multiple SQL, code injection vulnerabilities in OpenSIS |
Texte |
Yuri Kramarz and Yves Younan discovered these vulnerabilities. Blog by Jon Munshaw
Cisco Talos researchers recently discovered multiple vulnerabilities in the OpenSIS software family. OpenSIS is a student information management system for K-12 students. It is available in commercial and open-source versions and allows schools to create schedules and track attendance, grades and transcripts. An adversary could take advantage of these bugs to carry out a range of malicious activities, including...
[[ This is only the beginning! Please visit the blog for the complete entry ]] |
Envoyé |
Oui |
Condensat |
activities advantage adversary allows attendance available beginning blog bugs carry cisco code commercial complete could create discovered entry family grades including information injection jon kramarz malicious management multiple munshaw only open opensis out please range recently researchers schedules schools software source spotlight: sql student students system take talos these track transcripts versions visit vulnerabilities vulnerability younan yuri yves |
Tags |
Vulnerability
|
Stories |
|
Notes |
|
Move |
|