Opensips · Opensis · CVE-2025-26186
**Name of the Vulnerable Software and Affected Versions**
openSIS version 9.1
**Description**
A SQL Injection issue exists in openSIS version 9.1. A remote attacker can execute arbitrary code by manipulating the `id` parameter in the Ajax.php file.
**Recommendations**
Apply input validation and sanitization to the `id` parameter in the Ajax.php file.