Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
inxedu inxedu vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-7684
inxedu through 2018-12-24 has a vulnerability that can lead to the upload of a malicious JSP file. The vulnerable code location is com.inxedu.os.common.controller.VideoUploadController#gok4 (com/inxedu/os/common/controller/VideoUploadController.java). The attacker uses the /video...
Inxedu Inxedu
9.8
CVSSv3
CVE-2019-3576
inxedu through 2018-12-24 has a SQL Injection vulnerability that can lead to information disclosure via the deleteFaveorite/ PATH_INFO. The vulnerable code location is com.inxedu.os.edu.controller.user.UserController#deleteFavorite (aka deleteFavorite in com/inxedu/os/edu/control...
Inxedu Project Inxedu
9.8
CVSSv3
CVE-2020-21152
SQL Injection vulnerability in inxedu 2.0.6 allows malicious users to execute arbitrary commands via the functionIds parameter to /saverolefunction.
Inxedu Inxedu 2.0.6
9.8
CVSSv3
CVE-2020-35326
SQL Injection vulnerability in file /inxedu/demo_inxedu_open/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml in inxedu 2.0.6 via the id value.
Inxedu Inxedu 2.0.6
9.8
CVSSv3
CVE-2020-35430
SQL Injection in com/inxedu/OS/edu/controller/letter/AdminMsgSystemController in Inxedu v2.0.6 via the ids parameter to admin/letter/delsystem.
Inxedu Inxedu 2.0.6
NA
CVE-2024-35079
An arbitrary file upload vulnerability in the uploadAudio method of inxedu v2024.4 allows malicious users to execute arbitrary code via uploading a crafted .jsp file.
NA
CVE-2024-35080
An arbitrary file upload vulnerability in the gok4 method of inxedu v2024.4 allows malicious users to execute arbitrary code via uploading a crafted .jsp file.
NA
CVE-2024-35570
An arbitrary file upload vulnerability in the component \controller\ImageUploadController.class of inxedu v2.0.6 allows malicious users to execute arbitrary code via uploading a crafted jsp file.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started