{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T22:29:41.133","vulnerabilities":[{"cve":{"id":"CVE-2020-6123","sourceIdentifier":"talos-cna@cisco.com","published":"2020-09-01T14:15:13.957","lastModified":"2024-11-21T05:35:09.323","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3. The email parameter in the page EmailCheck.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability."},{"lang":"es","value":"Se presenta una vulnerabilidad explotable de inyección sql en la funcionalidad del parámetro email de OS4Ed openSIS versión 7.3. El parámetro email en la página EmailCheck.php es vulnerable a una inyección SQL. Un atacante puede hacer una petición HTTP autenticada para desencadenar esta vulnerabilidad"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:os4ed:opensis:7.3:*:*:*:-:*:*:*","matchCriteriaId":"2A00955B-ADF9-4ED2-A8A1-B110A55DC603"}]}]}],"references":[{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1073","source":"talos-cna@cisco.com","tags":["Exploit","Technical Description","Third Party Advisory"]},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1073","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Technical Description","Third Party Advisory"]}]}}]}