CVE-2021-44427
29.11.2021, 22:15
An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis) before 8.1.1 allows remote attackers to execute PostgreSQL statements (e.g., SELECT, INSERT, UPDATE, and DELETE) through /Side.php via the syear parameter.
| Vendor | Product | Version |
|---|---|---|
| rosariosis | rosariosis | 𝑥 < 8.1.1 |
𝑥
= Vulnerable software versions