CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-51211

SQL injection vulnerability exists in OS4ED openSIS-Classic Version 9.1, specifically in the resetuserinfo.php file. The vulnerability is due to improper input validation of the $username_stn_id parameter, which can be manipulated by an attacker to inject arbitrary SQL commands.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.049

EPSS Ranking 89.1%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/kutsa1/My-CVE/tree/main/CVE-2024-51211

Products affected by CVE-2024-51211

Os4ed » Opensis » Version: 9.0

cpe:2.3:a:os4ed:opensis:9.0
Os4ed » Opensis » Version: 9.1

cpe:2.3:a:os4ed:opensis:9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-51211

Products

Pricing

Contact Us