XML Entity Injection Vulnerability in Xinwei Software E-learning System
E-learning management system is an online learning platform of Shenzhen Xinwei Software Co. An XML entity injection vulnerability exists in the E-learning system of Xinwei Software. An attacker can use the vulnerability to remotely execute commands and gain server privileges...