Lucene search
+L

12 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-17216

Malware in sbrugna...

10CVSS9.5AI score0.02146EPSS
Exploits1References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-35183

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00584EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/22 5:51 p.m.9 views

CVE-2020-21152

SQL Injection vulnerability in inxedu 2.0.6 allows attackers to execute arbitrary commands via the functionIds parameter to /saverolefunction...

9.8CVSS8.8AI score0.00762EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/22 10:33 a.m.4 views

CVE-2019-3576

inxedu through 2018-12-24 has a SQL Injection vulnerability that can lead to information disclosure via the deleteFaveorite/ PATHINFO. The vulnerable code location is com.inxedu.os.edu.controller.user.UserControllerdeleteFavorite aka deleteFavorite in...

9.8CVSS7.8AI score0.01532EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/05/23 6:51 p.m.13 views

CVE-2024-35079

An arbitrary file upload vulnerability in the uploadAudio method of inxedu v2024.4 allows attackers to execute arbitrary code via uploading a crafted .jsp file...

8AI score0.00584EPSS
Exploits0References2
cvelist
cvelist
added 2024/05/23 6:51 p.m.31 views

CVE-2024-35079

An arbitrary file upload vulnerability in the uploadAudio method of inxedu v2024.4 allows attackers to execute arbitrary code via uploading a crafted .jsp file...

7.4AI score0.00584EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/05/23 6:50 p.m.15 views

CVE-2024-35080

An arbitrary file upload vulnerability in the gok4 method of inxedu v2024.4 allows attackers to execute arbitrary code via uploading a crafted .jsp file...

7.8AI score0.00584EPSS
Exploits0References2
cvelist
cvelist
added 2024/05/23 6:50 p.m.24 views

CVE-2024-35080

An arbitrary file upload vulnerability in the gok4 method of inxedu v2024.4 allows attackers to execute arbitrary code via uploading a crafted .jsp file...

7.4AI score0.00584EPSS
Exploits0References2
cvelist
cvelist
added 2024/05/23 6:29 p.m.23 views

CVE-2024-35570

An arbitrary file upload vulnerability in the component \controller\ImageUploadController.class of inxedu v2.0.6 allows attackers to execute arbitrary code via uploading a crafted jsp file...

7.4AI score0.00894EPSS
Exploits1References1
osv
osv
added 2019/02/09 10:29 p.m.3 views

CVE-2019-7684

inxedu through 2018-12-24 has a vulnerability that can lead to the upload of a malicious JSP file. The vulnerable code location is com.inxedu.os.common.controller.VideoUploadControllergok4 com/inxedu/os/common/controller/VideoUploadController.java. The attacker uses the /video/uploadvideo fileTyp...

9.8CVSS5.8AI score0.02146EPSS
Exploits1References1
cvelist
cvelist
added 2019/02/09 10:0 p.m.23 views

CVE-2019-7684

inxedu through 2018-12-24 has a vulnerability that can lead to the upload of a malicious JSP file. The vulnerable code location is com.inxedu.os.common.controller.VideoUploadControllergok4 com/inxedu/os/common/controller/VideoUploadController.java. The attacker uses the /video/uploadvideo fileTyp...

9.5AI score0.02146EPSS
Exploits1References1
cnvd
cnvd
added 2019/01/04 12:0 a.m.5 views

inxedu SQL Injection Vulnerability

inxedu is a set of open source online education platform of China's inxedu technology company. The platform includes an online school system, a live broadcasting system, an examination system, a community system and a marketing website. SQL injection vulnerability exists in inxedu 2018-12-24 and...

9.8CVSS7.9AI score0.01532EPSS
Exploits0References1
Rows per page
Query Builder