CVE-2025-26186
Published
CVSS v3
8.1
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
SQL Injection vulnerability in openSIS v.9.1 allows a remote attacker to execute arbitrary code via the id parameter in Ajax.php
openSIS is a commercial grade, secure, scalable & intuitive Student Information System, School Management Software from OS4ED. Has all functionalities to run single or multiple institutions in one installation. Web based, php code, MySQL database.
GitHub