CVE-2020-35326

Опубликовано: 18 янв. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

SQL Injection vulnerability in file /inxedu/demo_inxedu_open/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml in inxedu 2.0.6 via the id value.

Ссылки

https://gitee.com/inxeduopen/inxedu/issues/I14DNJ
Exploit
Third Party Advisory
https://github.com/876054426/vul/blob/master/inxedu%20through%202018-12-24%20has%20a%20SQL%20Injection%20vulnerability.md
Exploit
Third Party Advisory
https://gitee.com/inxeduopen/inxedu/issues/I14DNJ
Exploit
Third Party Advisory
https://github.com/876054426/vul/blob/master/inxedu%20through%202018-12-24%20has%20a%20SQL%20Injection%20vulnerability.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:inxedu:inxedu:2.0.6:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01548

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-fqx2-wm63-7f5w