A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "student_id" and "TRANSFER{SCHOOL]" parameters in POST request sent to /TransferredOutModal.php.
Metrics
Affected Vendors & Products
References
History
Wed, 09 Jul 2025 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Os4ed
Os4ed opensis |
|
CPEs | cpe:2.3:a:os4ed:opensis:8.0:*:*:*:community:*:*:* | |
Vendors & Products |
Os4ed
Os4ed opensis |
Wed, 25 Jun 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-89 | |
Metrics |
cvssV3_1
|
Tue, 24 Jun 2025 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "student_id" and "TRANSFER{SCHOOL]" parameters in POST request sent to /TransferredOutModal.php. | |
References |
|

Status: PUBLISHED
Assigner: mitre
Published: 2025-06-24T00:00:00.000Z
Updated: 2025-06-25T14:34:52.796Z
Reserved: 2021-09-27T00:00:00.000Z
Link: CVE-2021-41691

Updated: 2025-06-25T14:21:56.420Z

Status : Analyzed
Published: 2025-06-24T16:15:22.797
Modified: 2025-07-09T19:07:49.143
Link: CVE-2021-41691

No data.