Arbitrary File Deletion Vulnerability in the fileservice/FileManage.asmx?op Page of the Elearning Management System of Xinwei Software

E-learning management system is an online learning platform of Shenzhen Xinwei Software Co. The E-learning management system fileservice/FileManage.asmx?op page contains an arbitrary file deletion vulnerability that can be exploited by an attacker to delete files and folders...

SQL Injection Vulnerability in ClientCourse.asmx?op, E-learning Management System of Xinwei Software

E-learning management system is an online learning platform of Shenzhen Xinwei Software Co. A SQL injection vulnerability exists in the ClientCourse.asmx?op= page of the E-learning management system of Xinwei Software. An attacker can exploit the vulnerability to obtain sensitive information from...

XML Entity Injection Vulnerability in Xinwei Software E-learning System

E-learning management system is an online learning platform of Shenzhen Xinwei Software Co. An XML entity injection vulnerability exists in the E-learning system of Xinwei Software. An attacker can use the vulnerability to remotely execute commands and gain server privileges...

SQL Injection Vulnerability in SmartClient.asmx?op Page of Xinwei Software E-learning System

E-learning management system is an online learning platform of Shenzhen Xinwei Software Co. A SQL injection vulnerability exists in the SmartClient.asmx?op page of Xinwei Software's E-learning system. An attacker can exploit the vulnerability to obtain sensitive information from the website...