{"id":"CVE-2020-6637","details":"openSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of index.php.","modified":"2026-04-10T04:26:28.813712Z","published":"2020-08-24T19:15:10.620Z","references":[{"type":"WEB","url":"https://opensis.com/"},{"type":"ADVISORY","url":"https://sourceforge.net/projects/opensis-ce/files/"},{"type":"FIX","url":"https://github.com/OS4ED/openSIS-Responsive-Design/commit/1127ae0bb7c3a2883febeabc6b71ad8d73510de8"},{"type":"EVIDENCE","url":"https://cinzinga.com/CVE-2020-6637/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/os4ed/opensis-classic","events":[{"introduced":"0"},{"fixed":"1127ae0bb7c3a2883febeabc6b71ad8d73510de8"}]},{"type":"GIT","repo":"https://github.com/os4ed/opensis-responsive-design","events":[{"introduced":"0"},{"last_affected":"1a618f9606af177af1f137d1424ff7b3c4b14b56"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"7.3"}]}}],"versions":["Ver7.0Prod_update","Ver7.0beta1","v7.1","v7.2","v7.3","ver7.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-6637.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}