OS4Ed openSIS Community SQL Injection Vulnerability in TransferredOutModal.php

Vulnerability

A SQL injection vulnerability has been identified in OS4Ed openSIS Community version 8.0. The issue arises in the TransferredOutModal.php file, where the 'student_id' and 'TRANSFER[SCHOOL]' parameters in POST requests can be exploited to inject malicious SQL payloads. This vulnerability allows attackers to access and manipulate database information.

Impact

Exploitation of this vulnerability allows for SQL injection, where an attacker can interfere with the application's database queries. This could lead to unauthorized data access, data manipulation, or in some cases, executing administrative operations on the database.

Reproduction

The vulnerability can be reproduced by sending a POST request to the 'TransferredOutModal.php' endpoint with crafted SQL injection payloads in the 'student_id' and 'TRANSFER[SCHOOL]' parameters. This can be done using tools like Burp Suite or Postman, or through a custom script that automates the process.

Remediation

Users are advised to update to the latest version of openSIS Community Edition, as the vulnerability has been addressed in version 9.1. Instructions for updating can be found in the openSIS Community Edition Installation Guide.
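To illustrate the class of defect this advisory describes, the following added example (not openSIS source) shows the concatenation pattern beside a parameterized rewrite for the same two POST fields; it assumes a PDO handle in $pdo, and the table and column names are placeholders.

```php
<?php
// Added illustrative example, not openSIS code. Assumes a PDO connection in $pdo;
// the table/column names (students, transfer_school, transferred_out) are placeholders.

// Vulnerable pattern: POST fields are spliced into the SQL text, so the content of
// student_id or TRANSFER[SCHOOL] can change the structure of the statement itself.
function markTransferredOutUnsafe(PDO $pdo, array $post): int
{
    $studentId = $post['student_id'];
    $school    = $post['TRANSFER']['SCHOOL'];
    $sql = "UPDATE students SET transferred_out = 'Y', transfer_school = '$school' "
         . "WHERE student_id = $studentId";
    return $pdo->exec($sql); // untrusted input decides what this statement does
}

// Hardened form: validate the shape of each field, then bind the values so the
// database engine receives them strictly as data, never as SQL.
function markTransferredOut(PDO $pdo, array $post): int
{
    // Use real server-side prepared statements rather than client-side emulation.
    $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

    // student_id must be a positive integer; anything else is rejected outright.
    $studentId = filter_var($post['student_id'] ?? null, FILTER_VALIDATE_INT,
                            ['options' => ['min_range' => 1]]);
    if ($studentId === false) {
        throw new InvalidArgumentException('student_id must be a positive integer');
    }

    // TRANSFER[SCHOOL] arrives as a nested array key; accept only a bounded string.
    $transfer = $post['TRANSFER'] ?? null;
    $school   = is_array($transfer) ? ($transfer['SCHOOL'] ?? null) : null;
    if (!is_string($school) || $school === '' || mb_strlen($school) > 100) {
        throw new InvalidArgumentException('TRANSFER[SCHOOL] must be a 1-100 character string');
    }

    $stmt = $pdo->prepare(
        'UPDATE students SET transferred_out = ?, transfer_school = ? WHERE student_id = ?'
    );
    $stmt->execute(['Y', $school, $studentId]);
    return $stmt->rowCount();
}
```

The validation step is defence in depth only; the binding in prepare()/execute() is what removes the injection, and it applies regardless of which values the fields carry.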

Added: Jun 24, 2025, 4:30 PM
Updated: Jun 24, 2025, 4:30 PM

Vulnerability Rating

Custom Algorithm
spread: 3.1
impact: 5.0
exploitability: 9.5
remediation: 0.0
relevance: 0.2
threat: 6.5
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.