Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The password variable which is set at line 122 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
静态存储代码中指令转义处理不恰当(静态代码注入)
Vulnerability Title
Open Solutions for Education openSIS 代码注入漏洞
Vulnerability Description
Open Solutions for Education openSIS是美国Open Solutions for Education公司的一套开源的学生信息管理系统。 Open Solutions for Education openSIS 7.4存在安全漏洞,攻击者可以通过构造恶意的HTTP请求从而执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A