{"id":"CVE-2024-51211","details":"SQL injection vulnerability exists in OS4ED openSIS-Classic Version 9.1, specifically in the resetuserinfo.php file. The vulnerability is due to improper input validation of the $username_stn_id parameter, which can be manipulated by an attacker to inject arbitrary SQL commands.","modified":"2026-04-10T05:14:46.773827Z","published":"2024-11-08T19:15:06.347Z","references":[{"type":"EVIDENCE","url":"https://github.com/kutsa1/My-CVE/tree/main/CVE-2024-51211"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/os4ed/opensis-responsive-design","events":[{"introduced":"0"},{"last_affected":"0d3e2d52912540d4edf87d5b8c005cd6b32ff313"},{"introduced":"0"},{"last_affected":"53407797404f05612b774e233bec52951986013b"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"9.0"},{"introduced":"0"},{"last_affected":"9.1"}]}}],"versions":["V7.5","V7.6","V8.0","V9.0","V9.1","Ver7.0Prod_update","Ver7.0beta1","v7.1","v7.2","v7.3","ver7.1","ver7.4"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-51211.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}