CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-35276

EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.0%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://ecm.com
http://egavilanmedia.com
https://hardik-solanki.medium.com/authentication-admin-panel-bypass-which-leads-to-full-admin-access-control-c10ec4ab4255
http://ecm.com
http://egavilanmedia.com
https://hardik-solanki.medium.com/authentication-admin-panel-bypass-which-leads-to-full-admin-access-control-c10ec4ab4255

Products affected by CVE-2020-35276

Egavilanmedia » Ecm Address Book » Version: 1.0

cpe:2.3:a:egavilanmedia:ecm_address_book:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-35276

Products

Pricing

Contact Us