5 matches found
CVE-2020-8591
eG Manager 7.1.2 allows authentication bypass via a com.egurkha.EgLoginServlet?uname=admin&upass=&accessKey=eGm0n1t0r request...
CVE-2020-8592
eG Manager 7.1.2 allows SQL Injection via the user parameter to com.eg.LoginHelperServlet aka the Forgot Password feature...
Sql injection
eG Manager 7.1.2 allows SQL Injection via the user parameter to com.eg.LoginHelperServlet aka the Forgot Password feature...
CVE-2020-8591
eG Manager 7.1.2 allows authentication bypass via a com.egurkha.EgLoginServlet?uname=admin&upass=&accessKey=eGm0n1t0r request...
CVE-2020-8592
eG Manager 7.1.2 allows SQL Injection via the user parameter to com.eg.LoginHelperServlet aka the Forgot Password feature...