SQL injection in multiple functions #202
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue SQL commands through the values[new][MP_TYPE]= parameter of /opensis/modules/grades/EditHistoryMarkingPeriods.php.

POC, REQUEST, RESPONSE, SOLUTION: [content not preserved]
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue SQL commands through the values[STAR'T_DAY]= parameter of /opensis/modules/eligibility/EntryTimes.php.

POC, REQUEST, RESPONSE, SOLUTION: [content not preserved]
Please use the latest code from the repo, not the zip file, and try this. We have committed several updates lately.
Hello, we appreciate your observation and would like to inform you that your suggestion has been implemented for the next release. Thank you.
We released a new version and the issue has been fixed there. Please check and let us know your feedback, if you have any.

A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue SQL commands through the Grade= parameter of /opensis/functions/GetStuListFnc.php.

POC
REQUEST
RESPONSE
[content not preserved]
SOLUTION
Use the function sqlSecurityFilter() before assigning $_REQUEST['grade'] to the query. The code should look like:
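The unsafe pattern this thread describes beside a hardened version, as an added example that is not openSIS code and not the reporter's omitted snippet. The report's fix is sqlSecurityFilter(); this example instead uses an integer check plus a prepared statement for the Grade= value, and an allowlist for column names taken from values[...] keys, which cannot be bound as parameters. The table and column names and the integer type of the grade id are assumptions.

```php
<?php
// Added example, not openSIS code. It covers the two input paths named in
// this issue: a scalar request value ("Grade=") and column names taken from
// the keys of a "values[...]" request array. Table/column names are assumed.

// Columns the update handler may touch (allowlist; an assumption).
const ALLOWED_COLUMNS = ['START_DAY', 'END_DAY', 'MP_TYPE'];

// Unsafe pattern: the raw request value is interpolated into the SQL string,
// so any quote or operator in it becomes part of the statement.
function studentListSqlUnsafe(array $request): string
{
    return "SELECT STUDENT_ID FROM students WHERE GRADE_ID = '"
        . ($request['grade'] ?? '') . "'";
}

// Hardened: accept only a non-negative integer, then bind it as a parameter.
function studentsByGrade(mysqli $db, array $request): array
{
    $grade = filter_var($request['grade'] ?? null, FILTER_VALIDATE_INT,
                        ['options' => ['min_range' => 0]]);
    if ($grade === false) {
        throw new InvalidArgumentException('grade must be a non-negative integer');
    }
    $stmt = $db->prepare('SELECT STUDENT_ID FROM students WHERE GRADE_ID = ?');
    $stmt->bind_param('i', $grade);
    $stmt->execute();
    return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}

// Column names cannot be bound, so keys arriving in values[...] are checked
// against the allowlist before they reach SQL; a key like "STAR'T_DAY" is
// rejected. $table is a literal chosen by the caller, never request input.
// Returns [sql, bound values] ready for prepare()/bind_param().
function buildUpdate(string $table, int $id, array $values): array
{
    $sets = [];
    $params = [];
    foreach ($values as $column => $value) {
        if (!in_array($column, ALLOWED_COLUMNS, true)) {
            throw new InvalidArgumentException("column not permitted: $column");
        }
        $sets[] = "`$column` = ?";
        $params[] = $value;
    }
    if ($sets === []) {
        throw new InvalidArgumentException('nothing to update');
    }
    $params[] = $id;
    return ["UPDATE `$table` SET " . implode(', ', $sets) . ' WHERE ID = ?', $params];
}
```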