Описание
EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user.
Ссылки
- Not Applicable
- Product
- ExploitThird Party Advisory
- Not Applicable
- Product
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:egavilanmedia:ecm_address_book:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00316
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
больше 3 лет назад
EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user.
EPSS
Процентиль: 54%
0.00316
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-89