High severity7.5NVD Advisory· Published Apr 11, 2022· Updated Jun 17, 2026
CVE-2022-27041
CVE-2022-27041
Description
Due to lack of protection, parameter student_id in OpenSIS Classic 8.0 /modules/eligibility/Student.php can be used to inject SQL queries to extract information from databases.
Affected products
2- OpenSIS/OpenSIS Classicdescription
Patches
Vulnerability mechanics
References
1- github.com/OS4ED/openSIS-Classic/issues/248nvdExploitIssue TrackingPatchThird Party Advisory
News mentions
0No linked articles in our index yet.