Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
inxedu inxedu vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2019-7684
inxedu through 2018-12-24 has a vulnerability that can lead to the upload of a malicious JSP file. The vulnerable code location is com.inxedu.os.common.controller.VideoUploadController#gok4 (com/inxedu/os/common/controller/VideoUploadController.java). The attacker uses the /video...
Inxedu Inxedu
7.5
CVSSv2
CVE-2020-35430
SQL Injection in com/inxedu/OS/edu/controller/letter/AdminMsgSystemController in Inxedu v2.0.6 via the ids parameter to admin/letter/delsystem.
Inxedu Inxedu 2.0.6
NA
CVE-2020-35326
SQL Injection vulnerability in file /inxedu/demo_inxedu_open/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml in inxedu 2.0.6 via the id value.
Inxedu Inxedu 2.0.6
NA
CVE-2020-21152
SQL Injection vulnerability in inxedu 2.0.6 allows malicious users to execute arbitrary commands via the functionIds parameter to /saverolefunction.
Inxedu Inxedu 2.0.6
7.5
CVSSv2
CVE-2019-3576
inxedu through 2018-12-24 has a SQL Injection vulnerability that can lead to information disclosure via the deleteFaveorite/ PATH_INFO. The vulnerable code location is com.inxedu.os.edu.controller.user.UserController#deleteFavorite (aka deleteFavorite in com/inxedu/os/edu/control...
Inxedu Project Inxedu
NA
CVE-2024-35079
An arbitrary file upload vulnerability in the uploadAudio method of inxedu v2024.4 allows malicious users to execute arbitrary code via uploading a crafted .jsp file.
NA
CVE-2024-35080
An arbitrary file upload vulnerability in the gok4 method of inxedu v2024.4 allows malicious users to execute arbitrary code via uploading a crafted .jsp file.
NA
CVE-2024-35570
An arbitrary file upload vulnerability in the component \controller\ImageUploadController.class of inxedu v2.0.6 allows malicious users to execute arbitrary code via uploading a crafted jsp file.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started