CVE-2023-38879

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
2
PROJECTS

Description

The Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to read arbitrary files via a directory traversal vulnerability in the 'filename' parameter of 'DownloadWindow.php'.

OS4ED/openSIS-Classic
OS4ED/openSIS-Classic
openSIS is a commercial grade, secure, scalable & intuitive Student Information System, School Management Software from OS4ED. Has all functionalities to run single or multiple institutions in one installation. Web based, php code, MySQL database.
GitHubGitHub
317
dub-flow/vulnerability-research
dub-flow/vulnerability-research
This repository contains information on the CVEs I found.
GitHubGitHub
53