3 matches found
EVOLUCARE ECS Imaging SQL Injection (CVE-2021-3118)
An SQL injection vulnerability exists in EVOLUCARE ECS Imaging. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2021-3118
creationtimestamp| type| source ---|---|--- 2021-01-11 12:45:21+00:00| seen| https://t.me/cibsecurity/21899...
CVE-2021-3118
EVOLUCARE ECSIMAGING (aka ECS Imaging) vulnerable up to version 6.21.5 due to multiple SQL Injection flaws in the login form and the password-forgotten form (e.g., /req_password_user.php?email=). The database component runs as root, enabling data theft and potential full access to the application...