openSIS SQL Injection Vulnerability in Ajax.php

Vulnerability

A SQL injection vulnerability has been identified in openSIS version 9.1. It allows remote attackers to execute arbitrary code by manipulating the id parameter in Ajax.php. The issue arises from improper handling of that parameter. Appending a single quote to it triggers an SQL error, which confirms the presence of the vulnerability.

Impact

Exploitation of this vulnerability allows for blind SQL injection, where an attacker can manipulate SQL queries and potentially execute arbitrary code on the server.

Reproduction

To reproduce this vulnerability, send a request to Ajax.php with the modname set to tools/GenerateApi.php, the modfunc set to remove, and the id parameter modified to include a single quote. The server will respond with an SQL error, indicating that the SQL injection vulnerability exists.
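For defenders, the request shape described above can be searched for in web server logs. The following is an added example, not code from openSIS or from this advisory; it assumes a combined-format access log, that the parameters appear in the query string, and that a legitimate id is a plain decimal integer. The sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Values taken from the advisory's reproduction description.
TARGET_MODNAME = "tools/GenerateApi.php"
TARGET_MODFUNC = "remove"


def suspicious_id(line):
    """Return the decoded id value if the line is a request to the affected
    endpoint whose id is not a plain integer, otherwise None."""
    match = REQUEST_RE.search(line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    if not url.path.endswith("/Ajax.php"):
        return None
    params = parse_qs(url.query, keep_blank_values=True)  # percent-decodes values
    if params.get("modname", [""])[0] != TARGET_MODNAME:
        return None
    if params.get("modfunc", [""])[0] != TARGET_MODFUNC:
        return None
    # Assumption: a legitimate id is a decimal integer. Every occurrence is
    # checked, because a repeated parameter could follow a clean value.
    for value in params.get("id", []):
        if not re.fullmatch(r"[0-9]+", value):
            return value
    return None


# Constructed sample log lines (not from a real server; example/Other.php is a placeholder).
SAMPLE_LOG = [
    '203.0.113.7 - - [15/Jul/2025:17:01:02 +0000] "GET /Ajax.php?modname=tools/GenerateApi.php&modfunc=remove&id=12 HTTP/1.1" 200 512',
    '203.0.113.9 - - [15/Jul/2025:17:01:09 +0000] "GET /Ajax.php?modname=tools/GenerateApi.php&modfunc=remove&id=12%27 HTTP/1.1" 200 734',
    '203.0.113.9 - - [15/Jul/2025:17:01:15 +0000] "GET /Ajax.php?modname=example/Other.php&modfunc=remove&id=x HTTP/1.1" 200 301',
]


def scan(lines):
    """Return (line_number, offending_id) for each flagged log line."""
    hits = ((n, suspicious_id(line)) for n, line in enumerate(lines, start=1))
    return [(n, value) for n, value in hits if value is not None]


if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

Parameters sent in a POST body do not appear in an access log, so the same check would have to run where request bodies are visible, such as a WAF or application-level logging.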

Added: Jul 15, 2025, 5:25 PM
Updated: Jul 15, 2025, 8:35 PM

Vulnerability Rating

Custom Algorithm

spread: 3.1
impact: 10.0
exploitability: 9.5
remediation: 0.0
relevance: 0.3
threat: 6.4
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.