2 matches found
CVE-2020-35430
CVE-2020-35430 is an SQL injection vulnerability in Inxedu v2.0.6, reachable via the ids parameter in admin/letter/delsystem of the AdminMsgSystemController (com/inxedu/OS/edu/controller/letter). The issue is triggered by unsafely constructed SQL, enabling partial/full data exposure or manipulati...
UNION Query-based SQL Injection Over HTTP Traffic (CVE-2018-17254; CVE-2020-18144; CVE-2020-29283; CVE-2020-29287; CVE-2020-29288; CVE-2020-35430; CVE-2021-24285)
UNION Query-based SQL Injection Over HTTP Traffic...