Critical severity9.8NVD Advisory· Published Jan 11, 2021· Updated Jun 17, 2026
CVE-2021-3118
CVE-2021-3118
Description
EVOLUCARE ECSIMAGING (aka ECS Imaging) through 6.21.5 has multiple SQL Injection issues in the login form and the password-forgotten form (such as /req_password_user.php?email=). This allows an attacker to steal data in the database and obtain access to the application. (The database component runs as root.) NOTE: This vulnerability only affects products that are no longer supported by the maintainer
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- EVOLUCARE/ECSIMAGINGdescription
- Range: <=6.21.5
Patches
Vulnerability mechanics
References
1- www.exploit-db.com/exploits/49392nvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.