Vulnerability Details CVE-2025-22928
OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the cp_id parameter at /modules/messages/Inbox.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.0%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2025-22928
-
cpe:2.3:a:os4ed:opensis:7.0
-
cpe:2.3:a:os4ed:opensis:7.1
-
cpe:2.3:a:os4ed:opensis:7.2
-
cpe:2.3:a:os4ed:opensis:7.3
-
cpe:2.3:a:os4ed:opensis:7.4
-
cpe:2.3:a:os4ed:opensis:7.5
-
cpe:2.3:a:os4ed:opensis:7.6
-
cpe:2.3:a:os4ed:opensis:8.0
-
cpe:2.3:a:os4ed:opensis:9.0