4 matches found
CVE-2024-35570
An arbitrary file upload vulnerability in the component \controller\ImageUploadController.class of inxedu v2.0.6 allows attackers to execute arbitrary code via uploading a crafted jsp file...
CVE-2024-35570
An arbitrary file upload vulnerability in the component \controller\ImageUploadController.class of inxedu v2.0.6 allows attackers to execute arbitrary code via uploading a crafted jsp file...
CVE-2024-35570
The connected PT-2024-26551 entry confirms an arbitrary-file-upload vulnerability in inxedu v2.0.6, specifically the ImageUploadController.class component, enabling code execution via a crafted JSP upload. No fix version is provided; workaround advises avoiding the file-upload feature and restric...
CVE-2024-35570
An arbitrary file upload vulnerability in the component \controller\ImageUploadController.class of inxedu v2.0.6 allows attackers to execute arbitrary code via uploading a crafted jsp file...