KakeruJ

2 exploits Active since May 2024
CVE-2024-35570 WRITEUP CRITICAL WRITEUP
inxedu v2.0.6 - Arbitrary File Upload and Remote Code Execution via ImageUploadController
An arbitrary file upload vulnerability in the component \controller\ImageUploadController.class of inxedu v2.0.6 allows attackers to execute arbitrary code via uploading a crafted jsp file.
CVSS 9.8
CVE-2024-40322 WRITEUP HIGH WRITEUP
JFinalCMS 5.0.0 - SQL Injection via /admin/div_data/data
An issue was discovered in JFinalCMS v.5.0.0. There is a SQL injection vulnerablity via /admin/div_data/data
CVSS 8.8