📦 Rosariosis

This CVE describes a SQL injection vulnerability in the Rosariosis educational management software prior to version 9.0. Attackers can inject malicious SQL queries through user inputs, potentially all...

An unauthenticated SQL injection vulnerability in RosarioSIS allows attackers to execute arbitrary SQL commands via the votes parameter in PortalPollsNotes.fnc.php. This affects all RosarioSIS install...

An unauthenticated SQL injection vulnerability in Rosario Student Information System (rosariosis) allows remote attackers to execute arbitrary PostgreSQL statements through the syear parameter in /Sid...

This CVE describes an information exposure vulnerability in RosarioSIS, an open-source student information system. The vulnerability allows unauthorized actors to access sensitive information through ...