Egavilanmedia: Security Vulnerabilities
EgavilanMedia User Registration & Login System with Admin Panel 1.0 is affected by Cross Site Request Forgery (CSRF) to remotely gain privileges in the User Profile panel. An attacker can update any user's account.
CVSS Score
8.0
EPSS Score
0.002
Published
2020-12-21
EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user.
CVSS Score
9.8
EPSS Score
0.003
Published
2020-12-21
XSS in the Add Expense Component of EGavilan Media Expense Management System 1.0 allows an attacker to permanently store malicious JavaScript code via the 'description' field
CVSS Score
6.1
EPSS Score
0.002
Published
2020-12-15
EGavilan Barcodes generator 1.0 is affected by: Cross Site Scripting (XSS) via the index.php. An Attacker is able to inject the XSS payload in the web application each time a user visits the website.
CVSS Score
6.1
EPSS Score
0.005
Published
2020-12-15
Page 2