Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The username variable which is set at line 121 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
静态存储代码中指令转义处理不恰当(静态代码注入)
Vulnerability Title
Open Solutions for Education openSIS 代码注入漏洞
Vulnerability Description
Open Solutions for Education openSIS是美国Open Solutions for Education公司的一套开源的学生信息管理系统。 Open Solutions for Education openSIS 7.4版本中存在远程代码执行漏洞,攻击者可以发送特定的HTTP请求来触发此漏洞。
CVSS Information
N/A
Vulnerability Type
N/A