Vulnerability Details CVE-2025-22926
An issue in OS4ED openSIS v8.0 through v9.1 allows attackers to execute a directory traversal by sending a crafted POST request to /Modules.php?modname=messaging/Inbox.php&modfunc=save&filename.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.0%
CVSS Severity
CVSS v3 Score 9.8
References