CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2025/05/22 4:13 p.m.•6 views

CVE-2020-35326

SQL Injection vulnerability in file /inxedu/demoinxeduopen/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml in inxedu 2.0.6 via the id value...

9.8CVSS8.2AI score0.01713EPSS

Exploits1

NVD•added 2023/01/20 7:15 p.m.•10 views

CVE-2020-21152

SQL Injection vulnerability in inxedu 2.0.6 allows attackers to execute arbitrary commands via the functionIds parameter to /saverolefunction...

9.8CVSS10AI score0.00312EPSS

Exploits1References2

OSV•added 2023/01/20 7:15 p.m.•1 views

CVE-2020-21152

SQL Injection vulnerability in inxedu 2.0.6 allows attackers to execute arbitrary commands via the functionIds parameter to /saverolefunction...

9.8CVSS6.1AI score

Exploits0References2

Prion•added 2023/01/20 7:15 p.m.•15 views

Sql injection

SQL Injection vulnerability in inxedu 2.0.6 allows attackers to execute arbitrary commands via the functionIds parameter to /saverolefunction...

7.5CVSS9.9AI score0.00312EPSS

Exploits1References2Affected Software1

CVE•added 2023/01/20 12:0 a.m.•41 views

CVE-2020-21152

The CVE-2020-21152 entry concerns inxedu 2.0.6 with a SQL injection in the /saverolefunction API via the functionIds parameter. The vulnerability could allow arbitrary command execution and carries a high impact (CVSS v3.1: 9.8, CRITICAL). Public details in the provided documents specify the vuln...

9.8CVSS9.9AI score0.00312EPSS

Exploits1References2Affected Software1

Cvelist•added 2023/01/20 12:0 a.m.•13 views

CVE-2020-21152

SQL Injection vulnerability in inxedu 2.0.6 allows attackers to execute arbitrary commands via the functionIds parameter to /saverolefunction...

10AI score0.00312EPSS

Exploits1References2

NVD•added 2023/01/18 7:15 p.m.•7 views

CVE-2020-35326

SQL Injection vulnerability in file /inxedu/demoinxeduopen/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml in inxedu 2.0.6 via the id value...

9.8CVSS9.9AI score0.01713EPSS

Exploits1References2

Prion•added 2023/01/18 7:15 p.m.•13 views

Sql injection

SQL Injection vulnerability in file /inxedu/demoinxeduopen/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml in inxedu 2.0.6 via the id value...

7.5CVSS9.8AI score0.01713EPSS

Exploits1References2Affected Software1

CVE•added 2023/01/18 12:0 a.m.•35 views

CVE-2020-35326

The CVE-2020-35326 entry documents a SQL injection vulnerability in the inxedu product, specifically in the WebsiteImagesMapper.xml around the WebsiteImagesMapper code path for inxedu 2.0.6. The underlying issue is an injection flaw caused by an unsafely used id value in the MyBatis mapping file,...

9.8CVSS9.8AI score0.01713EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2023/01/18 12:0 a.m.•4 views

CVE-2020-35326

SQL Injection vulnerability in file /inxedu/demoinxeduopen/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml in inxedu 2.0.6 via the id value...

10AI score0.01713EPSS

Exploits1References2

OSV•added 2021/04/29 5:15 p.m.•1 views

CVE-2020-35430

SQL Injection in com/inxedu/OS/edu/controller/letter/AdminMsgSystemController in Inxedu v2.0.6 via the ids parameter to admin/letter/delsystem...

9.8CVSS7.4AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by