Vulnerabilities > Inxedu

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-20	CVE-2020-21152	SQL Injection vulnerability in Inxedu 2.0.6 SQL Injection vulnerability in inxedu 2.0.6 allows attackers to execute arbitrary commands via the functionIds parameter to /saverolefunction. network low complexity inxedu CWE-89 critical	9.8
2023-01-18	CVE-2020-35326	SQL Injection vulnerability in Inxedu 2.0.6 SQL Injection vulnerability in file /inxedu/demo_inxedu_open/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml in inxedu 2.0.6 via the id value. network low complexity inxedu CWE-89 critical	9.8
2021-04-29	CVE-2020-35430	SQL Injection vulnerability in Inxedu 2.0.6 SQL Injection in com/inxedu/OS/edu/controller/letter/AdminMsgSystemController in Inxedu v2.0.6 via the ids parameter to admin/letter/delsystem. network low complexity inxedu CWE-89 critical	9.8
2019-02-09	CVE-2019-7684	Unrestricted Upload of File with Dangerous Type vulnerability in Inxedu 2.0.6/20181224 inxedu through 2018-12-24 has a vulnerability that can lead to the upload of a malicious JSP file. network low complexity inxedu CWE-434 critical	9.8

Vulnerabilities > Inxedu {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Inxedu"}]}