CVE-2021-40651: CVE-2021-40651

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-40651

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php (modname parameter), which can disclose arbitrary file from the server's filesystem as long as the application has access to the file.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

OS4Ed OpenSIS 路径遍历漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

OS4Ed OpenSIS是OS4Ed的商业级、安全、可扩展和直观的学生信息系统、学校管理软件。具有在一个安装中运行单个或多个机构的所有功能。基于 Web，php 代码，MySQL 数据库。 OS4Ed OpenSIS Community存在路径遍历漏洞，该漏洞源于OS4Ed OpenSIS Community 8.0 容易受到 Modules.php（modname 参数）中的本地文件包含漏洞的影响，只要应用程序有权访问该文件，该漏洞就可以从服务器的文件系统中泄露任意文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2021-40651

#	POC Description	Source Link	Shenlong Link
1	OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php (modname parameter), which can disclose arbitrary file from the server's filesystem as long as the application has access to the file.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-40651.yaml	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-40651

Please Login to view more intelligence information

https://www.exploit-db.com/exploits/50259x_refsource_MISC
https://youtu.be/wFwlbXANRCox_refsource_MISC
https://github.com/MiSERYYYYY/Vulnerability-Reports-and-Disclosures/blob/main/OpenSIS-Community-8.0.mdx_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2021-40651

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2021-40651

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2021-40651

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-40651

III. Intelligence Information for CVE-2021-40651

IV. Related Vulnerabilities

V. Comments for CVE-2021-40651

Leave a comment